Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-11236 | 4.3 |
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
|
08-10-2023 - 14:15 | 15-04-2019 - 15:29 | |
CVE-2018-20060 | 5.0 |
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to uni
|
15-06-2021 - 21:15 | 11-12-2018 - 17:29 |