Package impact

PyPI / urllib3

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2024-37891	medium	—	5.5	2y ago	Moderate: python-urllib3 security update	+1
CVE-2023-45803	medium	—	5.5	2y ago	Moderate: python-urllib3 security update	+1
CVE-2023-43804	medium	—	5.5	3y ago	Moderate: python39:3.9 and python39-devel:3.9 security update	+1
CVE-2019-11236	medium	—	5.5	4y ago	Moderate: python27:2.7 security, bug fix, and enhancement update
CVE-2020-26137	medium	—	5.5	5y ago	Moderate: python27:2.7 security and bug fix update
CVE-2021-33503	medium	—	5.5	5y ago	Moderate: python38:3.8 and python38-devel:3.8 security update	+1
CVE-2019-11324	medium	—	5.5	7y ago	Moderate: python27:2.7 security, bug fix, and enhancement update
CVE-2018-20060	medium	—	5.5	8y ago	Moderate: python27:2.7 security, bug fix, and enhancement update
CVE-2026-44431	medium	5.3	5.3	15d ago	urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=Fa…
CVE-2016-9015	low	3.7	3.7	10y ago	Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the l…