Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-38jv-5279-wg99
  • PyPI/urllib3
Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API) 07 Jan
  • Fix available
  • Severity - 8.9 (High)
GHSA-2xpw-w6gg-jr37
  • PyPI/urllib3
urllib3 streaming API improperly handles highly compressed data 05 Dec 2025
  • Fix available
  • Severity - 8.9 (High)
GHSA-gm62-xv2j-4w53
  • PyPI/urllib3
urllib3 allows an unbounded number of links in the decompression chain 05 Dec 2025
  • Fix available
  • Severity - 8.9 (High)
GHSA-48p4-8xcf-vxj5
  • PyPI/urllib3
urllib3 does not control redirects in browsers and Node.js 18 Jun 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-pq67-6m6q-mj2v
  • PyPI/urllib3
urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation 18 Jun 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-34jh-p97f-mpxf
  • PyPI/urllib3
urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects 17 Jun 2024
  • Fix available
  • Severity - 4.4 (Medium)
GHSA-g4mx-q9vg-27p4
  • PyPI/urllib3
urllib3's request body not stripped after redirect from 303 status changes request method to GET 17 Oct 2023
  • Fix available
  • Severity - 5.7 (Medium)
PYSEC-2023-212
  • PyPI/urllib3
  • github.com/urllib3/urllib3
See record for full details 17 Oct 2023
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-gwvm-45gx-3cf8
  • PyPI/urllib3
Authorization Header forwarded on redirect 15 Oct 2023
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2023-207
  • PyPI/urllib3
  • github.com/urllib3/urllib3
See record for full details 15 Oct 2023
  • Fix available
  • Severity - 6.1 (Medium)
PYSEC-2023-192
  • PyPI/urllib3
  • github.com/urllib3/urllib3
See record for full details 04 Oct 2023
  • Fix available
  • Severity - 8.1 (High)
GHSA-v845-jxx5-vc9f
  • PyPI/urllib3
`Cookie` HTTP header isn't stripped on cross-origin redirects 02 Oct 2023
  • Fix available
  • Severity - 7.4 (High)
GHSA-v4w5-p2hg-8fh6
  • PyPI/urllib3
Urllib3 Incorrect Certificate Validation 17 May 2022
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-r64q-w8jr-g9qp
  • PyPI/urllib3
Improper Neutralization of CRLF Sequences in urllib3 library for Python 13 May 2022
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2021-108
  • PyPI/urllib3
  • github.com/urllib3/urllib3
See record for full details 29 Jun 2021
  • Fix available
GHSA-wqvq-5m8c-6g24
  • PyPI/urllib3
CRLF injection in urllib3 18 Jun 2021
  • Fix available
  • Severity - 6.9 (Medium)