Eventlet Eventlet

Do you want an email whenever new security vulnerabilities are reported in Eventlet?

By the Year

In 2021 there have been 1 vulnerability in Eventlet with an average score of 5.3 out of ten. Eventlet did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2021 as compared to last year.

Year Vulnerabilities Average Score
2021 1 5.30
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Eventlet vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Eventlet Security Vulnerabilities

Eventlet is a concurrent networking library for Python

CVE-2021-21419 5.3 - Medium - May 07, 2021

Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to reasonable limits. As a workaround, restricting memory usage via OS limits would help against overall machine exhaustion, but there is no workaround to protect Eventlet process.

Resource Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fedora Project Fedora or by Eventlet? Click the Watch button to subscribe.

Eventlet
Vendor

Eventlet
Product

subscribe