|Category:||Debian Local Security Checks|
|Title:||Debian LTS: Security Advisory for python-httplib2 (DLA-2232-1)|
|Summary:||The remote host is missing an update for the 'python-httplib2'; package(s) announced via the DLA-2232-1 advisory.|
The remote host is missing an update for the 'python-httplib2'
package(s) announced via the DLA-2232-1 advisory.
In httplib2, an attacker controlling unescaped part of uri for
`httplib2.Http.request()` could change request headers and body, send
additional hidden requests to same server. This vulnerability impacts
software that uses httplib2 with uri constructed by string
concatenation, as opposed to proper urllib building with escaping.
'python-httplib2' package(s) on Debian Linux.
For Debian 8 'Jessie', this problem has been fixed in version
We recommend that you upgrade your python-httplib2 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-11078|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.