CVE-2016-9015
CVE-2016-9015 affects Python urllib3 versions 1.17 and 1.18 when using PyOpenSSL with OpenSSL 1.1.0; in such configurations TLS certificate validation can be bypassed, enabling MITM and information leakage. The issue is considered low impact due to the very specific configuration. remediation fro...