In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-1828-1 | python-urllib3 security update |
![]() |
DLA-2686-1 | python-urllib3 security update |
![]() |
DLA-3610-1 | python-urllib3 security update |
![]() |
EUVD-2019-0152 | In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. |
![]() |
GHSA-r64q-w8jr-g9qp | Improper Neutralization of CRLF Sequences in urllib3 library for Python |
![]() |
USN-3990-1 | urllib3 vulnerabilities |
![]() |
USN-3990-2 | urllib3 vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T22:48:09.019Z
Reserved: 2019-04-15T00:00:00
Link: CVE-2019-11236

No data.

Status : Modified
Published: 2019-04-15T15:29:00.637
Modified: 2024-11-21T04:20:47.257
Link: CVE-2019-11236


No data.