Python-urllib3
This hub aggregates every CVE we track for Python-urllib3, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
HIGH1MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
2024-072026-06
Latest CVEs
The 2 most recently published vulnerabilities affecting Python-urllib3.
- CVE-2026-21441urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)7.5
- CVE-2020-26137urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: ...6.5
Product normalization is registry-driven with AI assist and human review. How it works