Test ID:	1.3.6.1.4.1.25623.1.0.845172
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-5201-1)
Summary:	The remote host is missing an update for the 'python3.8, python3.9' package(s) announced via the USN-5201-1 advisory.
Description:	Summary: The remote host is missing an update for the 'python3.8, python3.9' package(s) announced via the USN-5201-1 advisory. Vulnerability Insight: It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses (100 Continue response). Specially crafted traffic from a malicious HTTP server could cause a denial of service (Dos) condition for a client. Affected Software/OS: 'python3.8, python3.9' package(s) on Ubuntu 20.04, Ubuntu 21.04. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3737 https://security.netapp.com/advisory/ntap-20220407-0009/ https://bugs.python.org/issue44022 https://bugzilla.redhat.com/show_bug.cgi?id=1995162 https://github.com/python/cpython/pull/25916 https://github.com/python/cpython/pull/26503 https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html https://ubuntu.com/security/CVE-2021-3737 https://www.oracle.com/security-alerts/cpujul2022.html https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.