Safety vulnerability ID: 45718
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Python 2.5.6c1, 2.6.7rc2, 2.7.2, 3.2.4 and 3.3.1 include a fix for CVE-2011-4940: The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding.
https://python-security.readthedocs.io/vuln/simplehttpserver-utf-7.html
Latest version: 0.9.8
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application