CVE-2022-40899
HIGH WAF: Medium
CVSS 7.5
Published: 2022-12-23
CWE-400
An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| pythoncharmers | python-future | up to 0.18.2 |
References
- github.com (Third Party Advisory)
- github.com (Issue Tracking, Patch, Third Party Advisory)
- github.com (Exploit, Patch, Third Party Advisory)
- pypi.org (Product, Third Party Advisory)
- pyup.io (Exploit, Vendor Advisory)