icon

We found results for “

CVE-2025-50182

Good to know:

icon
icon

Date: June 18, 2025

urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0.

Severity Score

Severity Score

Weakness Type (CWE)

URL Redirection to Untrusted Site ('Open Redirect')

CWE-601

Top Fix

icon

Upgrade Version

Upgrade to version urllib3 - 2.5.0;urllib3 - 2.5.0;https://github.com/urllib3/urllib3.git - 2.5.0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us