Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/36576?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36576?format=api", "vulnerability_id": "VCID-kesm-g3nv-6fbc", "summary": "urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE: this issue exists because of an incomplete fix for CVE-2018-20060 (which was case-sensitive).", "aliases": [ { "alias": "CVE-2018-25091" }, { "alias": "GHSA-gwvm-45gx-3cf8" }, { "alias": "PYSEC-2023-207" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13301?format=api", "purl": "pkg:pypi/urllib3@1.24.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.24.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12562?format=api", "purl": "pkg:pypi/urllib3@0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12563?format=api", "purl": "pkg:pypi/urllib3@0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12564?format=api", "purl": "pkg:pypi/urllib3@0.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12565?format=api", "purl": "pkg:pypi/urllib3@0.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/12566?format=api", "purl": "pkg:pypi/urllib3@0.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12567?format=api", "purl": "pkg:pypi/urllib3@1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-xb89-hmrf-1bd5" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/12568?format=api", "purl": "pkg:pypi/urllib3@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12569?format=api", "purl": "pkg:pypi/urllib3@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12570?format=api", "purl": "pkg:pypi/urllib3@1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12571?format=api", "purl": "pkg:pypi/urllib3@1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12572?format=api", "purl": "pkg:pypi/urllib3@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12573?format=api", "purl": "pkg:pypi/urllib3@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12574?format=api", "purl": "pkg:pypi/urllib3@1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12575?format=api", "purl": "pkg:pypi/urllib3@1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/12576?format=api", "purl": "pkg:pypi/urllib3@1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/12577?format=api", "purl": "pkg:pypi/urllib3@1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/12578?format=api", "purl": "pkg:pypi/urllib3@1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/12579?format=api", "purl": "pkg:pypi/urllib3@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12580?format=api", "purl": "pkg:pypi/urllib3@1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/12581?format=api", "purl": "pkg:pypi/urllib3@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12582?format=api", "purl": "pkg:pypi/urllib3@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12583?format=api", "purl": "pkg:pypi/urllib3@1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/12584?format=api", "purl": "pkg:pypi/urllib3@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12585?format=api", "purl": "pkg:pypi/urllib3@1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/12586?format=api", "purl": "pkg:pypi/urllib3@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12587?format=api", "purl": "pkg:pypi/urllib3@1.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12588?format=api", "purl": "pkg:pypi/urllib3@1.10.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12589?format=api", "purl": "pkg:pypi/urllib3@1.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/12590?format=api", "purl": "pkg:pypi/urllib3@1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/12591?format=api", "purl": "pkg:pypi/urllib3@1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/12592?format=api", "purl": "pkg:pypi/urllib3@1.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/12593?format=api", "purl": "pkg:pypi/urllib3@1.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12594?format=api", "purl": "pkg:pypi/urllib3@1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/12595?format=api", "purl": "pkg:pypi/urllib3@1.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/12596?format=api", "purl": "pkg:pypi/urllib3@1.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.15.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12597?format=api", "purl": "pkg:pypi/urllib3@1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/9505?format=api", "purl": "pkg:pypi/urllib3@1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-d4cg-m7n5-pff4" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/9506?format=api", "purl": "pkg:pypi/urllib3@1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-d4cg-m7n5-pff4" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/9507?format=api", "purl": "pkg:pypi/urllib3@1.18.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.18.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12598?format=api", "purl": "pkg:pypi/urllib3@1.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/12599?format=api", "purl": "pkg:pypi/urllib3@1.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.19.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12600?format=api", "purl": "pkg:pypi/urllib3@1.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/12601?format=api", "purl": "pkg:pypi/urllib3@1.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/12602?format=api", "purl": "pkg:pypi/urllib3@1.21.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.21.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12603?format=api", "purl": "pkg:pypi/urllib3@1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-s4ya-j25m-17fs" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/12604?format=api", "purl": "pkg:pypi/urllib3@1.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/13299?format=api", "purl": "pkg:pypi/urllib3@1.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-m59a-k7rj-t7bh" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/13300?format=api", "purl": "pkg:pypi/urllib3@1.24.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.24.1" } ], "references": [ { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-207.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-207.yaml" }, { "reference_url": "https://github.com/urllib3/urllib3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/urllib3/urllib3" }, { "reference_url": "https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc" }, { "reference_url": "https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2" }, { "reference_url": "https://github.com/urllib3/urllib3/issues/1510", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://github.com/urllib3/urllib3/issues/1510" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25091", "reference_id": "CVE-2018-25091", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25091" }, { "reference_url": "https://github.com/advisories/GHSA-gwvm-45gx-3cf8", "reference_id": "GHSA-gwvm-45gx-3cf8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gwvm-45gx-3cf8" } ], "weaknesses": [ { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." }, { "cwe_id": 601, "name": "URL Redirection to Untrusted Site ('Open Redirect')", "description": "A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "6.1 - 6.1", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kesm-g3nv-6fbc" }