VIR Vulnerability Intelligence Relay

Package impact

python PyPI / urllib3

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-66418 high 8.0 4mo ago RHSA-2026:1254: python-urllib3 security update (Important)
CVE-2026-21441 high 8.0 5mo ago RHSA-2026:1254: python-urllib3 security update (Important)
CVE-2025-66471 high 8.0 6mo ago RHSA-2026:1254: python-urllib3 security update (Important)
CVE-2021-28363 high 8.0 5y ago The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn't …
CVE-2026-44432 high 7.5 7.5 22d ago urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) c…
CVE-2024-37891 medium 5.5 2y ago RHSA-2024:8843: python3.11-urllib3 security update (Moderate)
CVE-2023-45803 medium 5.5 2y ago RHSA-2024:2988: container-tools:rhel8 security update (Moderate)
CVE-2023-43804 medium 5.5 3y ago RHSA-2024:2987: python27:2.7 security update (Moderate)
CVE-2018-25091 medium 5.5 3y ago RHSA-2024:2988: container-tools:rhel8 security update (Moderate)
CVE-2019-11236 medium 5.5 4y ago RHSA-2020:1916: python-pip security update (Moderate)
CVE-2020-26137 medium 5.5 5y ago RHSA-2021:1761: python27:2.7 security and bug fix update (Moderate)
CVE-2021-33503 medium 5.5 5y ago RHSA-2021:4162: python38:3.8 and python38-devel:3.8 security update (Moderate)
CVE-2019-11324 medium 5.5 7y ago RHSA-2020:1916: python-pip security update (Moderate)
CVE-2018-20060 medium 5.5 8y ago RHSA-2020:1916: python-pip security update (Moderate)
CVE-2026-44431 medium 5.3 5.3 22d ago urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=Fa…