GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
urllib3 does not control redirects in browsers and Node.js
Moderate
CVE-2025-50182
was published
for
urllib3
(pip)
Jun 18, 2025
urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation
Moderate
CVE-2025-50181
was published
for
urllib3
(pip)
Jun 18, 2025
Requests vulnerable to .netrc credentials leak via malicious URLs
Moderate
CVE-2024-47081
was published
for
requests
(pip)
Jun 9, 2025
check-jsonschema default caching for remote schemas allows for cache confusion
Moderate
CVE-2024-53848
was published
for
check-jsonschema
(pip)
Dec 2, 2024
urllib3's request body not stripped after redirect from 303 status changes request method to GET
Moderate
CVE-2023-45803
was published
for
urllib3
(pip)
Oct 17, 2023
aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser
Moderate
CVE-2023-37276
was published
for
aiohttp
(pip)
Jul 20, 2023
Unintended leak of Proxy-Authorization header in requests
Moderate
CVE-2023-32681
was published
for
requests
(pip)
May 22, 2023
ProTip!
Advisories are also available from the
GraphQL API