[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-28861":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":26,"downstream":27,"duplicates":82,"related":83,"reserved_at":9,"published_at":100,"modified_at":101,"state":102,"summary":103,"references_raw":112,"kevs":198,"epss":199,"epss_history":202,"metrics":462,"affected":474},"CVE-2021-28861","Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states \"Warning: http.server is not recommended for production. It only implements basic security checks.\"",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-601","URL Redirection to Untrusted Site ('Open Redirect')","The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.","weakness","Draft","Base","Low",[20],{"id":21,"name":22,"techniques":23},"CAPEC-178","Cross-Site Flashing",[],[],[],[],[28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80],{"_key":29},"RHSA-2022:6766",{"_key":31},"RHSA-2022:8353",{"_key":33},"RHSA-2023:0833",{"_key":35},"RHSA-2023:2763",{"_key":37},"RHSA-2023:2764",{"_key":39},"SUSE-SU-2022:3483-1",{"_key":41},"SUSE-SU-2022:3511-1",{"_key":43},"SUSE-SU-2022:3511-2",{"_key":45},"SUSE-SU-2022:3512-2",{"_key":47},"SUSE-SU-2022:3553-1",{"_key":49},"SUSE-SU-2022:3593-1",{"_key":51},"SUSE-SU-2022:3940-1",{"_key":53},"SUSE-SU-2022:3473-1",{"_key":55},"SUSE-SU-2022:3485-1",{"_key":57},"SUSE-SU-2022:3512-1",{"_key":59},"SUSE-SU-2022:3544-1",{"_key":61},"OPENSUSE-SU-2024:12297-1",{"_key":63},"OPENSUSE-SU-2024:12300-1",{"_key":65},"OPENSUSE-SU-2024:12301-1",{"_key":67},"OPENSUSE-SU-2024:12321-1",{"_key":69},"DLA-3966-1",{"_key":71},"DLA-3980-1",{"_key":73},"MGASA-2022-0359",{"_key":75},"UBUNTU-CVE-2021-28861",{"_key":77},"USN-5888-1",{"_key":79},"DEBIAN-CVE-2021-28861",{"_key":81},"USN-5629-1",[],[84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99],{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":73},"2022-08-23T00:00:00.000Z","2025-12-17T21:30:32.380Z","Modified",{"cisa_kev":104,"cisa_ransomware":104,"cisa_vendor":9,"epss_severity":105,"epss_score":106,"severity":107,"severity_score":108,"severity_version":109,"severity_source":110,"severity_vector":111,"severity_status":102},false,"low",0.01395,"high",7.4,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",[113,120,126,130,134,138,142,146,150,154,158,162,166,170,174,178,182,186,190,194],{"url":114,"sources":115,"tags":117},"https://bugs.python.org/issue43223",[116,110],"cve.org",[118,119],"Issue Tracking","Vendor Advisory",{"url":121,"sources":122,"tags":123},"https://github.com/python/cpython/pull/93879",[116,110],[124,125],"Patch","Third Party Advisory",{"url":127,"sources":128,"tags":129},"https://github.com/python/cpython/pull/24848",[116,110],[124,125],{"url":131,"sources":132,"tags":133},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/",[116,110],[119],{"url":135,"sources":136,"tags":137},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/",[116,110],[119],{"url":139,"sources":140,"tags":141},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/",[116,110],[119],{"url":143,"sources":144,"tags":145},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/",[116,110],[119],{"url":147,"sources":148,"tags":149},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/",[116,110],[119],{"url":151,"sources":152,"tags":153},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/",[116,110],[119],{"url":155,"sources":156,"tags":157},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/",[116,110],[119],{"url":159,"sources":160,"tags":161},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/",[116,110],[119],{"url":163,"sources":164,"tags":165},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/",[116,110],[119],{"url":167,"sources":168,"tags":169},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/",[116,110],[119],{"url":171,"sources":172,"tags":173},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/",[116,110],[119],{"url":175,"sources":176,"tags":177},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/",[116,110],[119],{"url":179,"sources":180,"tags":181},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/",[116,110],[119],{"url":183,"sources":184,"tags":185},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/",[116,110],[119],{"url":187,"sources":188,"tags":189},"https://security.gentoo.org/glsa/202305-02",[116,110],[119],{"url":191,"sources":192,"tags":193},"https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html",[116,110],[],{"url":195,"sources":196,"tags":197},"https://lists.debian.org/debian-lts-announce/2024/11/msg00024.html",[116,110],[],[],{"date":200,"score":106,"percentile":201},"2026-06-04",0.80724,[203,207,210,213,216,219,222,225,228,230,233,236,239,242,245,249,252,255,259,262,265,268,271,275,278,281,283,286,289,292,294,296,299,302,305,308,311,314,317,320,322,325,328,331,334,337,340,343,346,348,350,353,356,359,363,366,369,372,375,378,381,384,387,390,393,396,399,402,404,406,408,411,414,417,420,423,426,428,431,433,435,438,441,444,446,449,451,454,456,459],{"date":204,"score":205,"percentile":206},"2025-11-04",0.0074,0.72123,{"date":208,"score":205,"percentile":209},"2025-11-05",0.72107,{"date":211,"score":205,"percentile":212},"2025-11-06",0.72104,{"date":214,"score":205,"percentile":215},"2025-11-07",0.72119,{"date":217,"score":205,"percentile":218},"2025-11-08",0.72117,{"date":220,"score":205,"percentile":221},"2025-11-09",0.7211,{"date":223,"score":205,"percentile":224},"2025-11-10",0.72099,{"date":226,"score":205,"percentile":227},"2025-11-11",0.72106,{"date":229,"score":205,"percentile":206},"2025-11-12",{"date":231,"score":205,"percentile":232},"2025-11-13",0.72131,{"date":234,"score":205,"percentile":235},"2025-11-14",0.72139,{"date":237,"score":205,"percentile":238},"2025-11-15",0.72138,{"date":240,"score":205,"percentile":241},"2025-11-16",0.72134,{"date":243,"score":205,"percentile":244},"2025-11-17",0.72129,{"date":246,"score":247,"percentile":248},"2025-11-18",0.01333,0.7825,{"date":250,"score":247,"percentile":251},"2025-11-19",0.78259,{"date":253,"score":247,"percentile":254},"2025-11-20",0.78267,{"date":256,"score":257,"percentile":258},"2025-11-21",0.01321,0.79277,{"date":260,"score":257,"percentile":261},"2025-11-22",0.79281,{"date":263,"score":257,"percentile":264},"2025-11-23",0.7927,{"date":266,"score":257,"percentile":267},"2025-11-24",0.79268,{"date":269,"score":257,"percentile":270},"2025-11-25",0.79272,{"date":272,"score":273,"percentile":274},"2025-11-26",0.01285,0.79009,{"date":276,"score":273,"percentile":277},"2025-11-27",0.79011,{"date":279,"score":273,"percentile":280},"2025-11-28",0.79003,{"date":282,"score":273,"percentile":277},"2025-11-29",{"date":284,"score":273,"percentile":285},"2025-11-30",0.7901,{"date":287,"score":273,"percentile":288},"2025-12-01",0.79102,{"date":290,"score":273,"percentile":291},"2025-12-02",0.79104,{"date":293,"score":273,"percentile":291},"2025-12-03",{"date":295,"score":273,"percentile":285},"2025-12-04",{"date":297,"score":273,"percentile":298},"2025-12-05",0.79015,{"date":300,"score":273,"percentile":301},"2025-12-06",0.79018,{"date":303,"score":273,"percentile":304},"2025-12-07",0.79019,{"date":306,"score":273,"percentile":307},"2025-12-08",0.79024,{"date":309,"score":273,"percentile":310},"2025-12-09",0.7904,{"date":312,"score":273,"percentile":313},"2025-12-10",0.79061,{"date":315,"score":273,"percentile":316},"2025-12-11",0.79076,{"date":318,"score":273,"percentile":319},"2025-12-12",0.79095,{"date":321,"score":273,"percentile":319},"2025-12-13",{"date":323,"score":273,"percentile":324},"2025-12-14",0.79092,{"date":326,"score":273,"percentile":327},"2025-12-15",0.79093,{"date":329,"score":273,"percentile":330},"2025-12-16",0.79103,{"date":332,"score":273,"percentile":333},"2025-12-17",0.7911,{"date":335,"score":106,"percentile":336},"2025-12-18",0.7993,{"date":338,"score":106,"percentile":339},"2025-12-19",0.7994,{"date":341,"score":106,"percentile":342},"2025-12-20",0.79933,{"date":344,"score":106,"percentile":345},"2025-12-21",0.79927,{"date":347,"score":106,"percentile":345},"2025-12-22",{"date":349,"score":106,"percentile":345},"2025-12-23",{"date":351,"score":106,"percentile":352},"2025-12-24",0.79941,{"date":354,"score":106,"percentile":355},"2025-12-25",0.79962,{"date":357,"score":106,"percentile":358},"2025-12-26",0.79958,{"date":360,"score":361,"percentile":362},"2025-12-27",0.01121,0.77796,{"date":364,"score":106,"percentile":365},"2025-12-28",0.79947,{"date":367,"score":106,"percentile":368},"2025-12-29",0.79945,{"date":370,"score":106,"percentile":371},"2025-12-30",0.79951,{"date":373,"score":106,"percentile":374},"2025-12-31",0.79964,{"date":376,"score":106,"percentile":377},"2026-01-01",0.80052,{"date":379,"score":106,"percentile":380},"2026-01-02",0.80049,{"date":382,"score":106,"percentile":383},"2026-01-03",0.80046,{"date":385,"score":106,"percentile":386},"2026-01-04",0.79953,{"date":388,"score":106,"percentile":389},"2026-01-05",0.7995,{"date":391,"score":106,"percentile":392},"2026-01-06",0.79954,{"date":394,"score":106,"percentile":395},"2026-01-07",0.79961,{"date":397,"score":106,"percentile":398},"2026-01-08",0.79972,{"date":400,"score":106,"percentile":401},"2026-01-09",0.79973,{"date":403,"score":106,"percentile":398},"2026-01-10",{"date":405,"score":106,"percentile":374},"2026-01-11",{"date":407,"score":106,"percentile":389},"2026-01-12",{"date":409,"score":106,"percentile":410},"2026-01-13",0.79949,{"date":412,"score":106,"percentile":413},"2026-01-14",0.7997,{"date":415,"score":106,"percentile":416},"2026-01-15",0.79971,{"date":418,"score":106,"percentile":419},"2026-01-16",0.7998,{"date":421,"score":106,"percentile":422},"2026-01-17",0.79987,{"date":424,"score":106,"percentile":425},"2026-01-18",0.79977,{"date":427,"score":106,"percentile":413},"2026-01-19",{"date":429,"score":106,"percentile":430},"2026-01-20",0.79969,{"date":432,"score":106,"percentile":425},"2026-01-21",{"date":434,"score":106,"percentile":422},"2026-01-22",{"date":436,"score":106,"percentile":437},"2026-01-23",0.80016,{"date":439,"score":106,"percentile":440},"2026-01-24",0.80026,{"date":442,"score":106,"percentile":443},"2026-01-25",0.80017,{"date":445,"score":106,"percentile":443},"2026-01-26",{"date":447,"score":106,"percentile":448},"2026-01-27",0.8002,{"date":450,"score":106,"percentile":437},"2026-01-28",{"date":452,"score":106,"percentile":453},"2026-01-29",0.80014,{"date":455,"score":106,"percentile":437},"2026-01-30",{"date":457,"score":106,"percentile":458},"2026-01-31",0.80021,{"date":460,"score":106,"percentile":461},"2026-02-01",0.80112,[463,470],{"source":116,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":464,"cvss_v4_0":9},{"baseScore":465,"baseSeverity":466,"vectorString":467,"impactScore":468,"exploitabilityScore":469},6.5,"MEDIUM","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",6,7.2,{"source":110,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":471,"cvss_v4_0":9},{"baseScore":108,"baseSeverity":472,"vectorString":111,"impactScore":473,"exploitabilityScore":469},"HIGH",6.7,[475,487],{"ecosystem":9,"name":476,"vendor":477,"product":476,"cpe_part":478,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":479},"fedora","fedoraproject","o",[480,483,485],{"version":481,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35","cpe",{"version":484,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"36",{"version":486,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"37",{"ecosystem":9,"name":488,"vendor":488,"product":488,"cpe_part":489,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":490},"python","a",[491,498,502,506,510,512,514,516,518,520,522,524,526,528],{"version":492,"is_range":493,"range_type":482,"version_start":494,"version_start_type":495,"version_end":496,"version_end_type":497,"fixed_in":9},"gte3.0.0_lt3.7.14",true,"3.0.0","including","3.7.14","excluding",{"version":499,"is_range":493,"range_type":482,"version_start":500,"version_start_type":495,"version_end":501,"version_end_type":497,"fixed_in":9},"gte3.8.0_lt3.8.14","3.8.0","3.8.14",{"version":503,"is_range":493,"range_type":482,"version_start":504,"version_start_type":495,"version_end":505,"version_end_type":497,"fixed_in":9},"gte3.9.0_lt3.9.14","3.9.0","3.9.14",{"version":507,"is_range":493,"range_type":482,"version_start":508,"version_start_type":495,"version_end":509,"version_end_type":497,"fixed_in":9},"gte3.10.0_lt3.10.6","3.10.0","3.10.6",{"version":511,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:alpha1",{"version":513,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:alpha2",{"version":515,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:alpha3",{"version":517,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:alpha4",{"version":519,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:alpha5",{"version":521,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:alpha6",{"version":523,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:alpha7",{"version":525,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:beta1",{"version":527,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:beta2",{"version":529,"is_range":104,"range_type":482,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11.0:beta3"]