Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie
Typedeb
Namespacedebian
Namepython-urllib3
Version1.25.6-4
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.25.8-1
Latest_non_vulnerable_version2.6.3-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6kxp-qa5x-q3bq
vulnerability_id VCID-6kxp-qa5x-q3bq
summary The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
2
reference_url https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3335
3
reference_url https://access.redhat.com/errata/RHSA-2019:3590
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3590
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11324.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11324.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11324
reference_id
reference_type
scores
0
value 0.01315
scoring_system epss
scoring_elements 0.79869
published_at 2026-04-18T12:55:00Z
1
value 0.01315
scoring_system epss
scoring_elements 0.79868
published_at 2026-04-16T12:55:00Z
2
value 0.01315
scoring_system epss
scoring_elements 0.7984
published_at 2026-04-13T12:55:00Z
3
value 0.01315
scoring_system epss
scoring_elements 0.79848
published_at 2026-04-12T12:55:00Z
4
value 0.01315
scoring_system epss
scoring_elements 0.79865
published_at 2026-04-11T12:55:00Z
5
value 0.01315
scoring_system epss
scoring_elements 0.79843
published_at 2026-04-09T12:55:00Z
6
value 0.01315
scoring_system epss
scoring_elements 0.79835
published_at 2026-04-08T12:55:00Z
7
value 0.01315
scoring_system epss
scoring_elements 0.79806
published_at 2026-04-07T12:55:00Z
8
value 0.01315
scoring_system epss
scoring_elements 0.79819
published_at 2026-04-04T12:55:00Z
9
value 0.01315
scoring_system epss
scoring_elements 0.79798
published_at 2026-04-02T12:55:00Z
10
value 0.01315
scoring_system epss
scoring_elements 0.7979
published_at 2026-04-01T12:55:00Z
11
value 0.01315
scoring_system epss
scoring_elements 0.79872
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11324
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11324
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-mh33-7rrq-662w
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-mh33-7rrq-662w
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-133.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-133.yaml
10
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
11
reference_url https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1
12
reference_url https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4
13
reference_url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
14
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
19
reference_url https://pypi.org/project/urllib3/1.24.2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/urllib3/1.24.2
20
reference_url https://usn.ubuntu.com/3990-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3990-1
21
reference_url https://usn.ubuntu.com/3990-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3990-1/
22
reference_url http://www.openwall.com/lists/oss-security/2019/04/19/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/04/19/1
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1702473
reference_id 1702473
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1702473
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927412
reference_id 927412
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927412
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11324
reference_id CVE-2019-11324
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11324
26
reference_url https://access.redhat.com/errata/RHSA-2020:0850
reference_id RHSA-2020:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0850
27
reference_url https://access.redhat.com/errata/RHSA-2020:1605
reference_id RHSA-2020:1605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1605
28
reference_url https://access.redhat.com/errata/RHSA-2020:1916
reference_id RHSA-2020:1916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1916
29
reference_url https://access.redhat.com/errata/RHSA-2020:2068
reference_id RHSA-2020:2068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2068
fixed_packages
0
url pkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie
purl pkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.25.6-4%3Fdistro=trixie
1
url pkg:deb/debian/python-urllib3@1.26.5-1~exp1?distro=trixie
purl pkg:deb/debian/python-urllib3@1.26.5-1~exp1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.5-1~exp1%3Fdistro=trixie
2
url pkg:deb/debian/python-urllib3@1.26.12-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/python-urllib3@1.26.12-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.12-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/python-urllib3@2.3.0-3%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-urllib3@2.3.0-3%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.3.0-3%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/python-urllib3@2.6.3-2?distro=trixie
purl pkg:deb/debian/python-urllib3@2.6.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.6.3-2%3Fdistro=trixie
aliases CVE-2019-11324, GHSA-mh33-7rrq-662w, PYSEC-2019-133
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kxp-qa5x-q3bq
1
url VCID-b3e6-k53t-bkgk
vulnerability_id VCID-b3e6-k53t-bkgk
summary In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
2
reference_url https://access.redhat.com/errata/RHSA-2019:2272
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2272
3
reference_url https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3335
4
reference_url https://access.redhat.com/errata/RHSA-2019:3590
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3590
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11236.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11236.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11236
reference_id
reference_type
scores
0
value 0.00575
scoring_system epss
scoring_elements 0.68778
published_at 2026-04-21T12:55:00Z
1
value 0.00624
scoring_system epss
scoring_elements 0.70106
published_at 2026-04-02T12:55:00Z
2
value 0.00624
scoring_system epss
scoring_elements 0.70121
published_at 2026-04-04T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70098
published_at 2026-04-07T12:55:00Z
4
value 0.00624
scoring_system epss
scoring_elements 0.70145
published_at 2026-04-08T12:55:00Z
5
value 0.00624
scoring_system epss
scoring_elements 0.70161
published_at 2026-04-09T12:55:00Z
6
value 0.00624
scoring_system epss
scoring_elements 0.70185
published_at 2026-04-11T12:55:00Z
7
value 0.00624
scoring_system epss
scoring_elements 0.7017
published_at 2026-04-12T12:55:00Z
8
value 0.00624
scoring_system epss
scoring_elements 0.70158
published_at 2026-04-13T12:55:00Z
9
value 0.00624
scoring_system epss
scoring_elements 0.702
published_at 2026-04-16T12:55:00Z
10
value 0.00624
scoring_system epss
scoring_elements 0.7021
published_at 2026-04-18T12:55:00Z
11
value 0.00624
scoring_system epss
scoring_elements 0.70094
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11236
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11236
8
reference_url https://github.com/advisories/GHSA-r64q-w8jr-g9qp
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r64q-w8jr-g9qp
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-132.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-132.yaml
10
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
11
reference_url https://github.com/urllib3/urllib3/issues/1553
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/issues/1553
12
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html
13
reference_url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
14
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
27
reference_url https://usn.ubuntu.com/3990-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3990-1
28
reference_url https://usn.ubuntu.com/3990-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3990-1/
29
reference_url https://usn.ubuntu.com/3990-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3990-2
30
reference_url https://usn.ubuntu.com/3990-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3990-2/
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1700824
reference_id 1700824
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1700824
32
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927172
reference_id 927172
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927172
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11236
reference_id CVE-2019-11236
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11236
35
reference_url https://access.redhat.com/errata/RHSA-2020:0850
reference_id RHSA-2020:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0850
36
reference_url https://access.redhat.com/errata/RHSA-2020:0851
reference_id RHSA-2020:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0851
37
reference_url https://access.redhat.com/errata/RHSA-2020:1605
reference_id RHSA-2020:1605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1605
38
reference_url https://access.redhat.com/errata/RHSA-2020:1916
reference_id RHSA-2020:1916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1916
39
reference_url https://access.redhat.com/errata/RHSA-2020:2068
reference_id RHSA-2020:2068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2068
40
reference_url https://access.redhat.com/errata/RHSA-2020:2081
reference_id RHSA-2020:2081
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2081
fixed_packages
0
url pkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie
purl pkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.25.6-4%3Fdistro=trixie
1
url pkg:deb/debian/python-urllib3@1.26.5-1~exp1?distro=trixie
purl pkg:deb/debian/python-urllib3@1.26.5-1~exp1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.5-1~exp1%3Fdistro=trixie
2
url pkg:deb/debian/python-urllib3@1.26.12-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/python-urllib3@1.26.12-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.12-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/python-urllib3@2.3.0-3%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-urllib3@2.3.0-3%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.3.0-3%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/python-urllib3@2.6.3-2?distro=trixie
purl pkg:deb/debian/python-urllib3@2.6.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.6.3-2%3Fdistro=trixie
aliases CVE-2019-11236, GHSA-r64q-w8jr-g9qp, PYSEC-2019-132
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3e6-k53t-bkgk
2
url VCID-squd-j9t3-9khh
vulnerability_id VCID-squd-j9t3-9khh
summary urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE: this issue exists because of an incomplete fix for CVE-2018-20060 (which was case-sensitive).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25091.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25091.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-25091
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48394
published_at 2026-04-21T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48381
published_at 2026-04-12T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.4836
published_at 2026-04-02T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48439
published_at 2026-04-18T12:55:00Z
4
value 0.0025
scoring_system epss
scoring_elements 0.48444
published_at 2026-04-16T12:55:00Z
5
value 0.0025
scoring_system epss
scoring_elements 0.48393
published_at 2026-04-13T12:55:00Z
6
value 0.0025
scoring_system epss
scoring_elements 0.48408
published_at 2026-04-11T12:55:00Z
7
value 0.0025
scoring_system epss
scoring_elements 0.48383
published_at 2026-04-09T12:55:00Z
8
value 0.0025
scoring_system epss
scoring_elements 0.48334
published_at 2026-04-07T12:55:00Z
9
value 0.0025
scoring_system epss
scoring_elements 0.48325
published_at 2026-04-01T12:55:00Z
10
value 0.0025
scoring_system epss
scoring_elements 0.48389
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-25091
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25091
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25091
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-207.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-207.yaml
5
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
6
reference_url https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T19:01:32Z/
url https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc
7
reference_url https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T19:01:32Z/
url https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2
8
reference_url https://github.com/urllib3/urllib3/issues/1510
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T19:01:32Z/
url https://github.com/urllib3/urllib3/issues/1510
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2244340
reference_id 2244340
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2244340
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-25091
reference_id CVE-2018-25091
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-25091
11
reference_url https://github.com/advisories/GHSA-gwvm-45gx-3cf8
reference_id GHSA-gwvm-45gx-3cf8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gwvm-45gx-3cf8
12
reference_url https://access.redhat.com/errata/RHSA-2024:2988
reference_id RHSA-2024:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2988
13
reference_url https://usn.ubuntu.com/6473-1/
reference_id USN-6473-1
reference_type
scores
url https://usn.ubuntu.com/6473-1/
14
reference_url https://usn.ubuntu.com/6473-2/
reference_id USN-6473-2
reference_type
scores
url https://usn.ubuntu.com/6473-2/
fixed_packages
0
url pkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie
purl pkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.25.6-4%3Fdistro=trixie
1
url pkg:deb/debian/python-urllib3@1.26.5-1~exp1?distro=trixie
purl pkg:deb/debian/python-urllib3@1.26.5-1~exp1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.5-1~exp1%3Fdistro=trixie
2
url pkg:deb/debian/python-urllib3@1.26.12-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/python-urllib3@1.26.12-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.12-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/python-urllib3@2.3.0-3%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-urllib3@2.3.0-3%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-zevs-1ge5-y7g7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.3.0-3%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/python-urllib3@2.6.3-2?distro=trixie
purl pkg:deb/debian/python-urllib3@2.6.3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.6.3-2%3Fdistro=trixie
aliases CVE-2018-25091, GHSA-gwvm-45gx-3cf8, PYSEC-2023-207
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-squd-j9t3-9khh
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.25.6-4%3Fdistro=trixie