pkg:Debian/python-urllib3

All known vulnerabilities

• CRITICAL9.8CVE-2018-20060python-urllib3 - security update
  from 0, < 1.24-1
• CRITICAL9.8CVE-2018-20060python-urllib3 - security update
  from 0, < 1.19.1-1+deb9u1
• HIGH7.5CVE-2026-44432urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API
  from 0
• HIGH7.5python-urllib3 - regression update
  from 0, < 1.26.5-1~exp1+deb11u3
• HIGH7.5python-urllib3 - regression update
  from 0, < 1.26.12-1+deb12u3
• HIGH7.5python-urllib3 - regression update
  from 0, < 1.26.5-1~exp1+deb11u3
• HIGH7.5urllib3 streaming API improperly handles highly compressed data
  from 0
• HIGH7.5python-urllib3 - security update
  from 0, < 1.26.5-1~exp1+deb11u2
• HIGH7.5python-urllib3 - security update
  from 0, < 1.26.12-1+deb12u2
• HIGH7.5Catastrophic backtracking in URL authority parser when passed URL containing many @ characters
  from 0, < 1.26.5-1~exp1
• HIGH7.5Uncontrolled Resource Consumption in urllib3
  from 0, < 1.25.8-1
• HIGH7.5Improper Certificate Validation in urllib3
  from 0, < 1.25.6-4
• MEDIUM6.5CRLF injection in urllib3
  from 0, < 1.25.9-1
• MEDIUM6.5Using default SSLContext for HTTPS requests in an HTTPS proxy doesn't verify certificate hostname for proxy connection
  from 0, < 1.26.4-1
• MEDIUM6.1python-urllib3 - security update
  from 0, < 1.25.6-4
• MEDIUM6.1python-urllib3 - security update
  from 0, < 1.24.1-1+deb10u1
• MEDIUM6.1python-urllib3 - security update
  from 0, < 1.9.1-3+deb8u1
• MEDIUM6.1python-urllib3 - security update
  from 0, < 1.25.6-4
• MEDIUM5.9python-urllib3 - security update
  from 0, < 1.26.5-1~exp1+deb11u1
• MEDIUM5.9python-urllib3 - security update
  from 0, < 1.26.5-1~exp1+deb11u1
• MEDIUM5.3urllib3: Sensitive headers forwarded across origins in proxied low-level redirects
  from 0
• MEDIUM5.3urllib3 does not control redirects in browsers and Node.js
  from 0, < 2.3.0-3
• MEDIUM5.3python-urllib3 - security update
  from 0, < 1.26.5-1~exp1+deb11u2
• MEDIUM5.3python-urllib3 - security update
  from 0, < 1.26.5-1~exp1+deb11u2
• MEDIUM4.4urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects
  from 0, < 1.26.5-1~exp1+deb11u1
• MEDIUM4.2python-urllib3 - security update
  from 0, < 1.24.1-1+deb10u2
• MEDIUM4.2python-urllib3 - security update
  from 0, < 1.26.5-1~exp1+deb11u1
• —bzr - security update
  from 0, < 1.6-2