Lucene search

K
osvGoogleOSV:ALSA-2021:1631
HistoryMay 18, 2021 - 5:42 a.m.

Moderate: python-urllib3 security update

2021-05-1805:42:27
Google
osv.dev
14
python
urllib3
security
crlf injection
http
update

AI Score

6.8

Confidence

High

EPSS

0.007

Percentile

79.9%

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities.

Security Fix(es):

  • python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.