python-urllib3 (SUSE:Linux Enterprise Module for Python 2 15 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Python 2 15 SP1 package python-urllib3, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2019-11324 — CVSS 7.5 (high): The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS…
CVE-2020-26137 — CVSS 6.5 (medium): urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF…
CVE-2019-11236 — CVSS 6.1 (medium): In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2019-9740 — CVSS 6.1 (medium): An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the…