CVE-2025-58068
- EPSS 0.05%
- Published 29.08.2025 21:12:24
- Last modified 24.09.2025 18:16:58
Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability could enable attackers to, bypass ...
- EPSS 4.86%
- Published 11.04.2024 14:15:12
- Last modified 17.06.2025 20:50:56
eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspyth...
CVE-2021-21419
- EPSS 0.1%
- Published 07.05.2021 15:15:07
- Last modified 21.11.2024 05:48:19
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch i...