CVE-2025-66471
- EPSS 0.02%
- Veröffentlicht 05.12.2025 16:06:08
- Zuletzt bearbeitet 10.12.2025 16:10:33
urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses...
CVE-2025-66418
- EPSS 0.02%
- Veröffentlicht 05.12.2025 16:02:15
- Zuletzt bearbeitet 10.12.2025 16:08:32
urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression ste...
CVE-2025-50182
- EPSS 0.01%
- Veröffentlicht 19.06.2025 01:42:44
- Zuletzt bearbeitet 30.06.2025 19:15:25
urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API o...
CVE-2025-50181
- EPSS 0.02%
- Veröffentlicht 19.06.2025 01:15:24
- Zuletzt bearbeitet 18.09.2025 13:51:10
urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore u...
CVE-2024-37891
- EPSS 0.21%
- Veröffentlicht 17.06.2024 20:15:13
- Zuletzt bearbeitet 03.11.2025 22:17:00
urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* usin...