An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-03T23:50:42.973Z
Reserved: 2021-05-21T00:00:00
Link: CVE-2021-33503

No data.

Status : Modified
Published: 2021-06-29T11:15:07.847
Modified: 2024-11-21T06:08:58.030
Link: CVE-2021-33503
