urllib3 vulnerabilities

HTTP library with thread-safe connection pooling, file post, and more.

Latest version: 1.25.3

Licenses detected

  • license: MIT [0,)
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the urllib3 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Improper Certificate Validation
[,1.24.2) Not available 18 Apr, 2019
  • H
CRLF injection
[,1.24.3) Not available 18 Apr, 2019
  • M
Authentication Bypass
[,1.23) Not available 12 Dec, 2018
  • L
Improper Certificate Validation
[1.17,1.18.1) Not available 27 Oct, 2016