Safety vulnerability ID: 71562
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of urllib3 affected versions are vulnerable due to an issue where the authorization HTTP header is not removed when following a cross-origin redirect. This can result in credentials within the authorization header being exposed to unintended hosts or transmitted in cleartext. This vulnerability exists because of an incomplete fix for CVE-2018-20060, which addressed a similar issue case-sensitively.
Latest version: 2.2.3
HTTP library with thread-safe connection pooling, file post, and more.
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application