CVE-2025-58068
- EPSS 0.05%
- Veröffentlicht 29.08.2025 21:12:24
- Zuletzt bearbeitet 24.09.2025 18:16:58
Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability could enable attackers to, bypass ...
- EPSS 4.86%
- Veröffentlicht 11.04.2024 14:15:12
- Zuletzt bearbeitet 17.06.2025 20:50:56
eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspyth...
CVE-2021-21419
- EPSS 0.1%
- Veröffentlicht 07.05.2021 15:15:07
- Zuletzt bearbeitet 21.11.2024 05:48:19
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch i...