Moderate severityOSV Advisory· Published Apr 15, 2019· Updated Aug 4, 2024
CVE-2019-11236
CVE-2019-11236
Description
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CRLF injection vulnerability in urllib3 for Python up to 1.24.1 allows request parameter-based injection.
Vulnerability
Overview
CVE-2019-11236 is a CRLF injection vulnerability in the urllib3 library for Python, affecting versions through 1.24.1. The vulnerability occurs when an attacker controls the request parameter, allowing injection of carriage return and line feed characters into HTTP headers or the request body [4]. This issue stems from insufficient sanitization of user-supplied input in request parameters.
Attack
Vector and Exploitation
The attack vector requires the attacker to control the request parameter, which is typically possible through user input fields or API parameters. No authentication is needed if the application directly uses unsanitized user input. The vulnerability exists in the way urllib3 handles CRLF sequences, enabling an attacker to inject additional headers or modify the request structure. Exploitation can be achieved without special network access if the application processes attacker-controlled parameters.
Impact
Successful exploitation could lead to HTTP request smuggling, header injection, or response splitting. An attacker may inject malicious headers, bypass security controls, or manipulate the request in a way that compromises the integrity of HTTP communications. This can result in cross-site scripting (XSS) or cache poisoning in downstream systems. The impact is limited to HTTP-based applications that use vulnerable urllib3 versions.
Mitigation
The vulnerability is fixed in urllib3 version 1.24.2 and later [2]. Red Hat has released patches for Red Hat Enterprise Linux 8 via RHSA-2019:3590, updating python-urllib3 to version 1.24.2-2 [2]. Other advisories, such as RHSA-2019:3335 and RHSA-2019:2272, reference related package updates [1][3]. Users should upgrade to the latest version to mitigate the risk.
References
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
urllib3PyPI | < 1.24.3 | 1.24.3 |
Affected products
160- ghsa-coords159 versionspkg:pypi/urllib3pkg:rpm/almalinux/python2-attrspkg:rpm/almalinux/python2-chardetpkg:rpm/almalinux/python2-coveragepkg:rpm/almalinux/python2-Cythonpkg:rpm/almalinux/python2-dnspkg:rpm/almalinux/python2-docspkg:rpm/almalinux/python2-docs-infopkg:rpm/almalinux/python2-docutilspkg:rpm/almalinux/python2-funcsigspkg:rpm/almalinux/python2-idnapkg:rpm/almalinux/python2-ipaddresspkg:rpm/almalinux/python2-markupsafepkg:rpm/almalinux/python2-mockpkg:rpm/almalinux/python2-pluggypkg:rpm/almalinux/python2-psycopg2pkg:rpm/almalinux/python2-psycopg2-debugpkg:rpm/almalinux/python2-psycopg2-testspkg:rpm/almalinux/python2-pypkg:rpm/almalinux/python2-PyMySQLpkg:rpm/almalinux/python2-pysockspkg:rpm/almalinux/python2-pytestpkg:rpm/almalinux/python2-pytest-mockpkg:rpm/almalinux/python2-pytzpkg:rpm/almalinux/python2-pyyamlpkg:rpm/almalinux/python2-requestspkg:rpm/almalinux/python2-rpm-macrospkg:rpm/almalinux/python2-setuptools_scmpkg:rpm/almalinux/python-psycopg2-docpkg:rpm/opensuse/python-urllib3&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/python-urllib3&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/python-urllib3-test&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/ardana-ansible&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-cluster&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-cobbler&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-db&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-extensions-nsx&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-glance&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-horizon&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-input-model&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-installer-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-logging&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-monasca&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-mq&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-opsconsole&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-opsconsole-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-osconfig&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-service&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-ses&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-tempest&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/crowbar-core&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-ha&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-designate&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-horizon-plugin-neutron-fwaas-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-horizon-plugin-neutron-fwaas-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-horizon-plugin-neutron-lbaas-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-horizon-plugin-neutron-lbaas-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-horizon-plugin-neutron-vpnaas-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-horizon-plugin-neutron-vpnaas-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-ironic-python-agent&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-ironic-python-agent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-magnum&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-notification&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-notification&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-persister&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-persister&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-lbaas&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-lbaas&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-tempest&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-tempest&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-ardana-configurationprocessor&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-cinder-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-cinder-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-ironicclient&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-ironicclient&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-keystonemiddleware&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-keystonemiddleware&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-monasca-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-monasca-tempest-plugin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-openstackclient&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-openstackclient&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-openstacksdk&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-openstacksdk&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-proliantutils&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-proliantutils&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-python-engineio&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-swiftlm&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-urllib3&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-urllib3&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/python-urllib3&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/python-urllib3&distro=SUSE%20Manager%20Server%203.2pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-vmware-nsx&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-vmware-nsx&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-vmware-nsxlib&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-vmware-nsxlib&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/yast2-crowbar&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 1.24.3+ 158 more
- (no CPE)range: < 1.24.3
- (no CPE)range: < 17.4.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.0.4-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 4.5.1-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.28.1-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.15.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.14-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.18-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.23-19.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.0.0-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.6.0-8.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.5.3-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.8.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.6.8-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.4.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.9.0-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2017.2-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.12-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.20.0-3.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3-38.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.15.7-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.22-lp150.5.3.1
- (no CPE)range: < 1.24-lp151.2.3.1
- (no CPE)range: < 1.24-lp151.2.3.1
- (no CPE)range: < 9.0+git.1566374020.301191f-3.7.2
- (no CPE)range: < 9.0+git.1566251498.be02ca4-3.7.2
- (no CPE)range: < 9.0+git.1565678764.c3a9b9f-3.7.2
- (no CPE)range: < 9.0+git.1559333871.40508f7-3.7.2
- (no CPE)range: < 9.0+git.1566336494.93967dd-3.7.2
- (no CPE)range: < 9.0+git.1564409964.b7e4fc3-3.7.2
- (no CPE)range: < 9.0+git.1565680593.df7a432-3.7.2
- (no CPE)range: < 9.0+git.1566213657.69862ab-8.1
- (no CPE)range: < 9.0+git.1566375806.f0b2333-3.7.2
- (no CPE)range: < 9.0+git.1565721273.f44b8d7-3.7.2
- (no CPE)range: < 9.0+git.1565891518.2a545a1-3.7.2
- (no CPE)range: < 9.0+git.1562848565.91e75b2-3.7.2
- (no CPE)range: < 9.0+git.1566255088.3443670-3.7.2
- (no CPE)range: < 9.0+git.1565721987.ddc59c8-3.7.2
- (no CPE)range: < 9.0+git.1565891593.cad6d1a-3.7.2
- (no CPE)range: < 9.0+git.1565761582.2dc823a-3.7.2
- (no CPE)range: < 9.0+git.1565762005.016032a-3.7.2
- (no CPE)range: < 9.0+git.1566332665.ad894c0-3.7.2
- (no CPE)range: < 9.0+git.1565115025.148d092-3.7.2
- (no CPE)range: < 9.0+git.1566251310.3a1e8f9-3.7.2
- (no CPE)range: < 9.0+git.1566332515.e232568-3.7.2
- (no CPE)range: < 9.0+git.1566206502.6c87b41-3.7.2
- (no CPE)range: < 9.0+git.1566251377.b1caeaa-3.7.2
- (no CPE)range: < 9.0+git.1555530925.206f1a8-4.7.2
- (no CPE)range: < 9.0+git.1565764394.545b573-3.7.2
- (no CPE)range: < 9.0+git.1564706915.edd44c4-3.7.2
- (no CPE)range: < 9.0+git.1565962617.523149b-3.7.2
- (no CPE)range: < 9.0+git.1565891872.73fc3c7-3.7.2
- (no CPE)range: < 9.0+git.1566471752.a3c5c9c-3.7.2
- (no CPE)range: < 6.0+git.1566321308.1de18b9a4-3.7.2
- (no CPE)range: < 6.0+git.1566406179.7549de2-3.7.2
- (no CPE)range: < 6.0+git.1566404979.41279a88e-3.7.2
- (no CPE)range: < 1.3.0+git.1563181545.65360af5-8.1
- (no CPE)range: < 11.0.2~dev14-3.7.2
- (no CPE)range: < 11.0.2~dev14-3.7.2
- (no CPE)range: < 13.0.7~dev3-3.7.2
- (no CPE)range: < 13.0.7~dev3-3.7.2
- (no CPE)range: < 7.0.1~dev21-3.7.2
- (no CPE)range: < 7.0.1~dev21-3.7.2
- (no CPE)range: < 11.0.3~dev19-3.7.2
- (no CPE)range: < 11.0.3~dev19-3.7.2
- (no CPE)range: < 1.5.1~dev6-8.1
- (no CPE)range: < 1.5.1~dev6-8.1
- (no CPE)range: < 5.0.1~dev7-8.1
- (no CPE)range: < 5.0.1~dev7-8.1
- (no CPE)range: < 1.4.1~dev7-8.1
- (no CPE)range: < 1.4.1~dev7-8.1
- (no CPE)range: < 11.1.4~dev9-3.7.2
- (no CPE)range: < 11.1.4~dev9-3.7.2
- (no CPE)range: < 3.3.3~dev4-3.7.2
- (no CPE)range: < 3.3.3~dev4-3.7.2
- (no CPE)range: < 14.1.1~dev8-3.7.2
- (no CPE)range: < 14.1.1~dev8-3.7.2
- (no CPE)range: < 7.1.1~dev28-3.7.2
- (no CPE)range: < 7.1.1~dev28-3.7.2
- (no CPE)range: < 7.3.1~dev3-4.7.2
- (no CPE)range: < 7.3.1~dev3-4.7.2
- (no CPE)range: < 1.14.2~dev1-6.7.2
- (no CPE)range: < 1.14.2~dev1-6.7.2
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 1.12.1~dev9-9.1
- (no CPE)range: < 13.0.5~dev22-3.7.2
- (no CPE)range: < 13.0.5~dev22-3.7.2
- (no CPE)range: < 5.0.1~dev459-3.7.2
- (no CPE)range: < 5.0.1~dev459-3.7.2
- (no CPE)range: < 13.0.1~dev14-3.7.2
- (no CPE)range: < 13.0.1~dev14-3.7.2
- (no CPE)range: < 18.2.2~dev9-3.7.2
- (no CPE)range: < 18.2.2~dev9-3.7.2
- (no CPE)range: < 3.1.2~dev8-3.7.2
- (no CPE)range: < 3.1.2~dev8-3.7.2
- (no CPE)range: < 19.0.0-12.1
- (no CPE)range: < 19.0.0-12.1
- (no CPE)range: < 9.0+git.1566405927.c5c03d4-3.8.2
- (no CPE)range: < 0.1.0-8.1
- (no CPE)range: < 0.1.0-8.1
- (no CPE)range: < 2.5.3-4.7.2
- (no CPE)range: < 2.5.3-4.7.2
- (no CPE)range: < 5.2.0-8.1
- (no CPE)range: < 5.2.0-8.1
- (no CPE)range: < 0.3.0-8.1
- (no CPE)range: < 0.3.0-8.1
- (no CPE)range: < 3.16.2-8.1
- (no CPE)range: < 3.16.2-8.1
- (no CPE)range: < 0.17.3-8.1
- (no CPE)range: < 0.17.3-8.1
- (no CPE)range: < 2.8.4-8.1
- (no CPE)range: < 2.8.4-8.1
- (no CPE)range: < 2.0.2-9.1
- (no CPE)range: < 9.0+git.1541434883.e0ebe69-8.1
- (no CPE)range: < 1.22-5.6.1
- (no CPE)range: < 1.22-3.14.1
- (no CPE)range: < 1.22-3.14.1
- (no CPE)range: < 1.22-6.4.1
- (no CPE)range: < 1.24-9.4.1
- (no CPE)range: < 1.22-3.14.1
- (no CPE)range: < 1.24-9.4.1
- (no CPE)range: < 1.22-3.14.1
- (no CPE)range: < 1.16-3.6.1
- (no CPE)range: < 1.22-5.6.1
- (no CPE)range: < 1.23-3.6.1
- (no CPE)range: < 1.22-5.6.1
- (no CPE)range: < 1.23-3.6.1
- (no CPE)range: < 13.0.1~dev146-9.1
- (no CPE)range: < 13.0.1~dev146-9.1
- (no CPE)range: < 13.0.1~dev24-8.1
- (no CPE)range: < 13.0.1~dev24-8.1
- (no CPE)range: < 7.0.1~dev18-3.7.2
- (no CPE)range: < 13.0.7~dev3-3.7.2
- (no CPE)range: < 7.0.1~dev21-3.7.2
- (no CPE)range: < 17.0.1~dev16-3.7.2
- (no CPE)range: < 11.0.3~dev19-3.7.2
- (no CPE)range: < 14.0.4~dev4-4.7.2
- (no CPE)range: < 11.1.4~dev9-4.7.2
- (no CPE)range: < 14.1.1~dev8-3.7.2
- (no CPE)range: < 7.1.1~dev28-4.7.2
- (no CPE)range: < 7.3.1~dev3-3.7.2
- (no CPE)range: < 1.8.2~dev3-3.7.2
- (no CPE)range: < 2.7.1~dev10-3.7.2
- (no CPE)range: < 13.0.5~dev22-6.7.2
- (no CPE)range: < 18.2.2~dev9-3.7.2
- (no CPE)range: < 3.1.2~dev8-4.7.2
- (no CPE)range: < 9.0.2~dev9-3.7.2
- (no CPE)range: < 2.19.2~dev1-2.4.2
- (no CPE)range: < 3.4.2-8.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
24- lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.htmlghsavendor-advisoryWEB
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.htmlghsavendor-advisoryWEB
- access.redhat.com/errata/RHSA-2019:2272ghsavendor-advisoryWEB
- access.redhat.com/errata/RHSA-2019:3335ghsavendor-advisoryWEB
- access.redhat.com/errata/RHSA-2019:3590ghsavendor-advisoryWEB
- github.com/advisories/GHSA-r64q-w8jr-g9qpghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/mitrevendor-advisory
- nvd.nist.gov/vuln/detail/CVE-2019-11236ghsaADVISORY
- usn.ubuntu.com/3990-1/mitrevendor-advisory
- usn.ubuntu.com/3990-2/mitrevendor-advisory
- github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-132.yamlghsaWEB
- github.com/urllib3/urllib3/issues/1553ghsaWEB
- lists.debian.org/debian-lts-announce/2019/06/msg00016.htmlghsamailing-listWEB
- lists.debian.org/debian-lts-announce/2021/06/msg00015.htmlghsamailing-listWEB
- lists.debian.org/debian-lts-announce/2023/10/msg00012.htmlghsamailing-listWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKRghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRLghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2ghsaWEB
- usn.ubuntu.com/3990-1ghsaWEB
- usn.ubuntu.com/3990-2ghsaWEB
News mentions
0No linked articles in our index yet.