Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi urllib3 Security Advisories

Browse all Security Advisories for pypi urllib3

Loading...
Moderate
GSA_kwCzR0hTQS0zNGpoLXA5N2YtbXB4Zs4AA9I1
urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS1nNG14LXE5dmctMjdwNM4AA2gt
urllib3's request body not stripped after redirect from 303 status changes request method to GET
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 23.6
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1nd3ZtLTQ1Z3gtM2NmOM4AA2c6
Authorization Header forwarded on redirect
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS12ODQ1LWp4eDUtdmM5Zs4AA2MD
`Cookie` HTTP header isn't stripped on cross-origin redirects
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: about 1 year ago
Low
GSA_kwCzR0hTQS12NHc1LXAyaGctOGZoNs4AAcGU
Urllib3 Incorrect Certificate Validation
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1yNjRxLXc4anItZzlxcM3wRw
Improper Neutralization of CRLF Sequences in urllib3 library for Python
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxdnEtNW04Yy02ZzI0
CRLF injection in urllib3
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEycTctNXBwNC13NnBn
Catastrophic backtracking in URL authority parser when passed URL containing many @ characters
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtdjItNzlxOC1mdjZn
Uncontrolled Resource Consumption in urllib3
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVwaGYtcHA3cC12YzJy
Using default SSLContext for HTTPS requests in an HTTPS proxy doesn't verify certificate hostname for proxy connection
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1oMzMtN3JycS02NjJ3
Improper Certificate Validation in urllib3
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 42.2
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd3dzItdjd4ai14cmM2
Exposure of Sensitive Information to an Unauthorized Actor in urllib3
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 55.1
Published: almost 6 years ago
Statistics
Advisories: 20,359
Packages: 8,934
Repositories: 1
Ecosystems: 12
Filter by Severity
Moderate 8,822 High 7,063 Critical 3,018 Low 1,120
Filter by Ecosystem
maven 5,802 packagist 4,526 pypi 4,297 npm 3,786 go 2,244 nuget 1,539 rubygems 872 cargo 862 swift 32 hex 30 actions 19 pub 9
Filter by Package
tensorflow 433 tensorflow-gpu 425 tensorflow-cpu 422 Django 100 apache-airflow 84 Plone 72 ansible 63 salt 55 apache-superset 51 nova 47 mlflow 46 django 44 rdiffweb 42 plone 41 vyper 38 matrix-synapse 35 moin 35 gradio 32 opencv-python 31 opencv-contrib-python 31 Pillow 31 keystone 31 pillow 26 glance 20 mindsdb 18 langchain 18 mercurial 18 cobbler 17 PaddlePaddle 17 notebook 17 cryptography 16 neutron 16 pyload-ng 15 paddlepaddle 15 ethyca-fides 15 pyftpdlib 14 modoboa 14 OctoPrint 13 lollms 13 twisted 13 vantage6 13 wagtail 12 roundup 12 swift 12 calibreweb 12 aiohttp 12 urllib3 12 onionshare-cli 11 horizon 11 zenml 11 nautobot 10 sentry 10 trytond 10 opencv-contrib-python-headless 10 Flask-AppBuilder 10 opencv-python-headless 10 zope 9 cinder 9 ryu 9 Zope 9 python-keystoneclient 9 kiwitcms 9 waitress 9 trac 8 litellm 8 pgadmin4 8 label-studio 8 ckan 8 pyspark 8 ipython 8 aubio 8 numpy 8 matrix-sydent 7 pysaml2 7 lief 7 jupyter-server 7 pip 7 inventree 7 Products.CMFPlone 7 scrapy 7 Moin 6 graphite-web 6 lxml 6 Zope2 6 aim 6 requests 6 apache-airflow-providers-apache-hive 6 mailman 6 tuf 6 tornado 6 web2py 6 yt-dlp 6 mage-ai 6 grpc 5 grpcio 5 whoogle-search 5 dtale 5 paramiko 5 feedparser 5 saleor 5 nltk 5 bleach 5 torchserve 5 pretix 5 lmdb 5 oauthenticator 5 langchain-experimental 5 python-gnupg 5 ait-core 5 Jinja2 5 omero-web 5 jupyterhub 5 bottle 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 Pygments 4 PyPDF2 4 aws-iot-device-sdk-v2 4 awsiotsdk 4 indy-node 4 Weblate 4 changedetection.io 4 apache-submarine 4 indico 4 FreeTAKServer-UI 4 werkzeug 4 httpie 4 mobsf 4 GitPython 4 ansible-core 4 jupyterlab 4 reportlab 4 dbt-core 4 apache-iotdb 4 tripleo-heat-templates 4 Flask-Security-Too 4 starlette 4 open-webui 4 qutebrowser 4 jwcrypto 4 Radicale 4 keylime 4 buildbot 4 esphome 4 Werkzeug 4 nvflare 4 Scrapy 4 Nova 4 markdown2 4 transformers 4 streamlit 4 Keystone 4 barbican 4 TinyMCE 3 django-tinymce 3 onnx 3 SQLAlchemy 3 keyring 3 langchain-community 3 pyyaml 3 gerapy 3 pyarrow 3 fava 3 tinymce/tinymce 3 tinymce 3 flask 3 django-helpdesk 3 homeassistant 3 Red-DiscordBot 3 Mezzanine 3 asyncua 3 quokka 3 plone.app.dexterity 3 wger 3 poetry 3 mayan-edms 3 sosreport 3 bitlyshortener 3 openvpn-monitor 3 octavia 3 pywasm3 3 scikit-learn 3 localstack 3 slixmpp 3 mitmproxy 3 pycrypto 3 llama-index 3 Kallithea 3 RestrictedPython 3 keystonemiddleware 3 jupyter-server-proxy 3 h2o 3 micropython-copy 3 micropython-io 3 sqlparse 3 torch 3 sanic 3 plone.supermodel 3 dulwich 3 ecdsa 3 openstack-heat 3
Filter by Repository
https://github.com/urllib3/urllib3 12