- Description
- urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 3.6
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- security-advisories@github.com
- CWE-601
- Hype score
- Not currently trending
CVE-2025-50182 urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in … https://t.co/j7bxlb2Xt9
@CVEnew
19 Jun 2025
102 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-50182 Redirect Handling Vulnerability in urllib3 Before 2.5.0 in Pyodide Runtime https://t.co/PGZhxDpCRN
@VulmonFeeds
19 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes