Python Urllib3
3 CVEs affecting Python Urllib3. Latest disclosed: 2026-05-13. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-44432 | High | 7.5 | 2026-05-13 | urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) duri… |
CVE-2026-44431 | Medium | 5.3 | 2026-05-13 | urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_fro… |
CVE-2016-9015 | Low | 3.7 | 2017-01-11 | Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS… |