VIR Vulnerability Intelligence Relay

CVE-2023-45803

medium
Published 2024-01-25 · Modified 2024-01-25
CVSS v3
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
CVSS v2
VIR risk
5.5

Description

Moderate: python-urllib3 security update

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-0464.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-0116.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2242493

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:0116

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-2132.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-11238.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-2952.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:2952

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-2968.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2257854

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2257028

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:2968

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-11189.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2246840

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:11189

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2023-45803

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:11238

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2023-45803.html

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2968

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:11189

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2952

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:2132

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:11238

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:0464

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
rockylinux rocky8fixed
suse slesaffected
rockylinux rocky9fixed
debian debianbookwormfixed1.26.12-1+deb12u1
debian debianbullseyefixed1.26.5-1~exp1+deb11u1
debian debianforkyfixed1.26.18-1
debian debiansidfixed1.26.18-1
debian debiantrixiefixed1.26.18-1

Package impact
EcosystemPackageVulnerableFixed
python PyPIurllib3>=2.0.0,<2.0.72.0.7
python PyPIurllib3<1.26.181.26.18
python PyPIurllib3<4e98d57809dacab1cbe625fddeec1a290c478ea9||<1.26.184e98d57809dacab1cbe625fddeec1a290c478ea9

References

Verify integrity in audit chain (admin only). AS-IS.