vulnerability
Red Hat OpenShift: CVE-2019-11236: python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Apr 15, 2019 | Dec 29, 2020 | Aug 11, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Apr 15, 2019
Added
Dec 29, 2020
Modified
Aug 11, 2025
Description
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
Solution
linuxrpm-upgrade-python-urllib3
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.