CNNVD-202506-2562 Information

CNNVD ID

CNNVD-202506-2562

Related CVE

CVE-2025-50182

• CNNVD Published: 2025-06-19

Description (Chinese)

urllib3是urllib3开源的一款Python HTTP库。该产品具有线程安全连接池、文件发布支持等。 urllib3 2.5.0之前版本存在输入验证错误漏洞，该漏洞源于在Pyodide运行时中无法控制重定向行为。

Description (English)

urllib3 is a Python HTTP library of the open source of urllib3. The product has a linear secure connection pool, document release support, etc. There is an input authentication error gap in the pre-version of urllib3 2.5.0, which stems from the inability to control re-directive behaviour while Pyodide is running.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

urllib3

Published

2025-06-19

Last Modified

2026-02-24

References

https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5

Patch

https://github.com/urllib3/urllib3/releases