
We found results for “”
CVE-2025-50182
Good to know:


Date: June 18, 2025
urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0.
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
URL Redirection to Untrusted Site ('Open Redirect')
CWE-601Top Fix

Upgrade Version
Upgrade to version urllib3 - 2.5.0;urllib3 - 2.5.0;https://github.com/urllib3/urllib3.git - 2.5.0
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |