Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/36576?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36576?format=api", "vulnerability_id": "VCID-kesm-g3nv-6fbc", "summary": "urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE: this issue exists because of an incomplete fix for CVE-2018-20060 (which was case-sensitive).", "aliases": [ { "alias": "CVE-2018-25091" }, { "alias": "GHSA-gwvm-45gx-3cf8" }, { "alias": "PYSEC-2023-207" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/125445?format=api", "purl": "pkg:deb/debian/python-urllib3@1.25.6-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.25.6-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/125438?format=api", "purl": "pkg:deb/debian/python-urllib3@1.26.5-1~exp1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xb89-hmrf-1bd5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.5-1~exp1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/125435?format=api", "purl": "pkg:deb/debian/python-urllib3@1.26.12-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xb89-hmrf-1bd5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@1.26.12-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/125440?format=api", "purl": "pkg:deb/debian/python-urllib3@2.3.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xb89-hmrf-1bd5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.3.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/125439?format=api", "purl": "pkg:deb/debian/python-urllib3@2.6.3-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3wae-93ac-7qgn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-urllib3@2.6.3-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/13301?format=api", "purl": "pkg:pypi/urllib3@1.24.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.24.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12562?format=api", "purl": "pkg:pypi/urllib3@0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12563?format=api", "purl": "pkg:pypi/urllib3@0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12564?format=api", "purl": "pkg:pypi/urllib3@0.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12565?format=api", "purl": "pkg:pypi/urllib3@0.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/12566?format=api", "purl": "pkg:pypi/urllib3@0.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@0.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12567?format=api", "purl": "pkg:pypi/urllib3@1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-xb89-hmrf-1bd5" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/12568?format=api", "purl": "pkg:pypi/urllib3@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12569?format=api", "purl": "pkg:pypi/urllib3@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12570?format=api", "purl": "pkg:pypi/urllib3@1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12571?format=api", "purl": "pkg:pypi/urllib3@1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12572?format=api", "purl": "pkg:pypi/urllib3@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12573?format=api", "purl": "pkg:pypi/urllib3@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12574?format=api", "purl": "pkg:pypi/urllib3@1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12575?format=api", "purl": "pkg:pypi/urllib3@1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/12576?format=api", "purl": "pkg:pypi/urllib3@1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/12577?format=api", "purl": "pkg:pypi/urllib3@1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/12578?format=api", "purl": "pkg:pypi/urllib3@1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/12579?format=api", "purl": "pkg:pypi/urllib3@1.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12580?format=api", "purl": "pkg:pypi/urllib3@1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/12581?format=api", "purl": "pkg:pypi/urllib3@1.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12582?format=api", "purl": "pkg:pypi/urllib3@1.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12583?format=api", "purl": "pkg:pypi/urllib3@1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/12584?format=api", "purl": "pkg:pypi/urllib3@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12585?format=api", "purl": "pkg:pypi/urllib3@1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/12586?format=api", "purl": "pkg:pypi/urllib3@1.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12587?format=api", "purl": "pkg:pypi/urllib3@1.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/12588?format=api", "purl": "pkg:pypi/urllib3@1.10.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/12589?format=api", "purl": "pkg:pypi/urllib3@1.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.10.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/12590?format=api", "purl": "pkg:pypi/urllib3@1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/12591?format=api", "purl": "pkg:pypi/urllib3@1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/12592?format=api", "purl": "pkg:pypi/urllib3@1.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/12593?format=api", "purl": "pkg:pypi/urllib3@1.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.13.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12594?format=api", "purl": "pkg:pypi/urllib3@1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/12595?format=api", "purl": "pkg:pypi/urllib3@1.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/12596?format=api", "purl": "pkg:pypi/urllib3@1.15.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.15.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12597?format=api", "purl": "pkg:pypi/urllib3@1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/9505?format=api", "purl": "pkg:pypi/urllib3@1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-d4cg-m7n5-pff4" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/9506?format=api", "purl": "pkg:pypi/urllib3@1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-d4cg-m7n5-pff4" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/9507?format=api", "purl": "pkg:pypi/urllib3@1.18.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.18.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12598?format=api", "purl": "pkg:pypi/urllib3@1.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/12599?format=api", "purl": "pkg:pypi/urllib3@1.19.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.19.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12600?format=api", "purl": "pkg:pypi/urllib3@1.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/12601?format=api", "purl": "pkg:pypi/urllib3@1.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/12602?format=api", "purl": "pkg:pypi/urllib3@1.21.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.21.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/12603?format=api", "purl": "pkg:pypi/urllib3@1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-4t6u-aq7n-cbce" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-s4ya-j25m-17fs" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/12604?format=api", "purl": "pkg:pypi/urllib3@1.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/13299?format=api", "purl": "pkg:pypi/urllib3@1.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-m59a-k7rj-t7bh" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/13300?format=api", "purl": "pkg:pypi/urllib3@1.24.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21kr-1hbf-rfag" }, { "vulnerability": "VCID-83up-c218-e7f3" }, { "vulnerability": "VCID-ah3u-nfq4-dfg6" }, { "vulnerability": "VCID-kesm-g3nv-6fbc" }, { "vulnerability": "VCID-p42y-ygek-p3eb" }, { "vulnerability": "VCID-ueb4-ur9q-u3e1" }, { "vulnerability": "VCID-us3z-hehr-uuca" }, { "vulnerability": "VCID-ymx9-acnn-dbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@1.24.1" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25091.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25091.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-25091", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45046", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-25091" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-207.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2023-207.yaml" }, { "reference_url": "https://github.com/urllib3/urllib3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/urllib3/urllib3" }, { "reference_url": "https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc" }, { "reference_url": "https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2" }, { "reference_url": "https://github.com/urllib3/urllib3/issues/1510", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/urllib3/urllib3/issues/1510" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244340", "reference_id": "2244340", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2244340" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25091", "reference_id": "CVE-2018-25091", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25091" }, { "reference_url": "https://github.com/advisories/GHSA-gwvm-45gx-3cf8", "reference_id": "GHSA-gwvm-45gx-3cf8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gwvm-45gx-3cf8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2988", "reference_id": "RHSA-2024:2988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2988" } ], "weaknesses": [ { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." }, { "cwe_id": 601, "name": "URL Redirection to Untrusted Site ('Open Redirect')", "description": "A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kesm-g3nv-6fbc" }