Every CVE whose affected-product data names Call-cc Http-client, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2016-6286 — CVSS 7.5 (high): The "spiffy-cgi-handlers" egg would convert a nonexistent "Proxy" header to the HTTP_PROXY environment variable, which would allow…
CVE-2016-6287 — CVSS 7.5 (high): The "http-client" egg always used a HTTP_PROXY environment variable to determine whether HTTP traffic should be routed via a proxy, even…