urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0.
                
            Metrics
Affected Vendors & Products
References
        History
                    Mon, 30 Jun 2025 19:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0. | urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0. | 
Mon, 23 Jun 2025 17:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Fri, 20 Jun 2025 03:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| References |  | |
| Metrics | threat_severity 
 | threat_severity 
 | 
Thu, 19 Jun 2025 02:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0. | |
| Title | urllib3 does not control redirects in browsers and Node.js | |
| Weaknesses | CWE-601 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-06-30T19:02:41.510Z
Reserved: 2025-06-13T19:17:51.726Z
Link: CVE-2025-50182
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-06-23T16:56:08.872Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2025-06-19T02:15:17.967
Modified: 2025-06-30T19:15:25.017
Link: CVE-2025-50182
 Redhat
                        Redhat