Moderate severityNVD Advisory· Published Sep 29, 2020· Updated Aug 4, 2024
CVE-2020-26137
CVE-2020-26137
Description
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
urllib3 before 1.25.9 allows CRLF injection when an attacker controls the HTTP request method, enabling request smuggling.
根因分析
urllib3 的 putrequest() 方法在构造 HTTP 请求时,对 method 参数没有进行充分的清理(sanitization)。攻击者可以在 method 中插入 \r\n(CRLF)控制字符,从而在请求头部注入任意内容。这一漏洞与 Python 标准库 http.client 中的 CVE-2020-26116 类似,因为 urllib3 底层也使用了相同的机制来构建请求行。
攻击场景
要利用此漏洞,攻击者必须能够控制 HTTP 请求的 method 参数。例如,当应用程序将用户输入直接传递给 method 字段(如 conn.request(method=user_input, url="/path")),攻击者可以构造 method="GET / HTTP/1.1\r\nHost: attacker.com\r\nRemainder:" 这样的字符串。这样会在原始请求中添加或修改头部,从而可能绕过安全限制或实现请求走私。
影响与后果
成功利用此漏洞后,攻击者可以执行 HTTP 请求走私(HTTP request smuggling),将恶意请求注入到合法的 HTTP 流中。这可能导致缓存投毒、会话劫持、绕过访问控制等严重后果。由于 urllib3 是 Python 生态中广泛使用的 HTTP 客户端库(被 requests 等库使用),该漏洞影响的软件范围较大。
修复状态
该漏洞在 urllib3 1.25.9 版本中已修复。建议所有使用受影响版本的用户立即升级到 1.25.9 或更高版本。官方公告和补丁信息可在 GitHub 仓库的发布说明中找到[1][2][3]。
References
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
urllib3PyPI | < 1.25.9 | 1.25.9 |
Affected products
357- ghsa-coords357 versionspkg:pypi/urllib3pkg:rpm/almalinux/python2-attrspkg:rpm/almalinux/python2-backportspkg:rpm/almalinux/python2-backports-ssl_match_hostnamepkg:rpm/almalinux/python2-chardetpkg:rpm/almalinux/python2-coveragepkg:rpm/almalinux/python2-Cythonpkg:rpm/almalinux/python2-dnspkg:rpm/almalinux/python2-docspkg:rpm/almalinux/python2-docs-infopkg:rpm/almalinux/python2-docutilspkg:rpm/almalinux/python2-funcsigspkg:rpm/almalinux/python2-idnapkg:rpm/almalinux/python2-ipaddresspkg:rpm/almalinux/python2-markupsafepkg:rpm/almalinux/python2-mockpkg:rpm/almalinux/python2-numpypkg:rpm/almalinux/python2-numpy-docpkg:rpm/almalinux/python2-numpy-f2pypkg:rpm/almalinux/python2-pluggypkg:rpm/almalinux/python2-psycopg2pkg:rpm/almalinux/python2-psycopg2-debugpkg:rpm/almalinux/python2-psycopg2-testspkg:rpm/almalinux/python2-pypkg:rpm/almalinux/python2-PyMySQLpkg:rpm/almalinux/python2-pysockspkg:rpm/almalinux/python2-pytestpkg:rpm/almalinux/python2-pytest-mockpkg:rpm/almalinux/python2-pytzpkg:rpm/almalinux/python2-pyyamlpkg:rpm/almalinux/python2-requestspkg:rpm/almalinux/python2-rpm-macrospkg:rpm/almalinux/python2-setuptoolspkg:rpm/almalinux/python2-setuptools_scmpkg:rpm/almalinux/python2-setuptools-wheelpkg:rpm/almalinux/python2-sixpkg:rpm/almalinux/python2-sqlalchemypkg:rpm/almalinux/python2-urllib3pkg:rpm/almalinux/python3-urllib3pkg:rpm/almalinux/python-psycopg2-docpkg:rpm/almalinux/python-sqlalchemy-docpkg:rpm/suse/ansible&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ansible&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ansible&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/ardana-ansible&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-ansible&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-cassandra&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-cinder&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-cinder&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-glance&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-glance&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-mq&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-mq&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-mq&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-osconfig&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-osconfig&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-osconfig&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/ardana-tempest&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/aws-cli&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1pkg:rpm/suse/aws-cli&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2pkg:rpm/suse/aws-cli&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/crowbar-core&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/crowbar-core&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/documentation-hpe-helion-openstack-installation&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-operations&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-opsconsole&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-planning&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-security&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-user&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-suse-openstack-cloud-deployment&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-installation&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-operations&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-opsconsole&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-planning&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-security&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-supplement&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-supplement&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-admin&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-admin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-user&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-user&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-user&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/grafana&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/grafana-natel-discrete-panel&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/grafana-natel-discrete-panel&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/grafana-natel-discrete-panel&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/influxdb&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/influxdb&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/influxdb&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-cinder&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-cinder&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-cinder-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-cinder-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-cinder-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-heat-gbp&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-heat-gbp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-heat-templates&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-heat-templates&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-horizon-plugin-gbp-ui&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-horizon-plugin-gbp-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-ironic-python-agent&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-ironic-python-agent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-installer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-installer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-installer&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-gbp&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-neutron-vpnaas&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-neutron-vpnaas&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-nova-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-nova-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-nova-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-ardana-packager&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-ardana-packager&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-asn1crypto&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/python-asn1crypto&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/python-boto3&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2pkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-boto3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-boto3&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/python-boto3&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/python-boto3&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/python-botocore&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2pkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1pkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-botocore&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-botocore&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/python-botocore&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/python-botocore&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-cffi&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/python-Django&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-Django&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-Django&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-Flask-Cors&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-Flask-Cors&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-Jinja2&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-Jinja2&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-keystoneclient&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-keystoneclient&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-keystoneclient&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-keystonemiddleware&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-keystonemiddleware&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-keystonemiddleware&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-kombu&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-kombu&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-kombu&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-Pillow&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-Pillow&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-Pillow&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-pyasn1&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-pyasn1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-pyasn1&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/python-pyasn1&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/python-pyasn1&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/python-pycparser&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-pycparser&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-pycparser&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/python-pycparser&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/python-pycparser&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-pysaml2&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-pysaml2&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-pytest&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-pytest&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/python-service_identity&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1pkg:rpm/suse/python-straight-plugin&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-straight-plugin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-trustme&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1pkg:rpm/suse/python-urllib3&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-urllib3&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP1pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/python-urllib3&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/python-urllib3&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/python-urllib3&distro=SUSE%20Manager%20Server%204.0pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-urllib3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/release-notes-hpe-helion-openstack&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/release-notes-suse-openstack-cloud&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/rubygem-crowbar-client&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/storm&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/venv-openstack-aodh&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-aodh&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-designate&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-freezer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-freezer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon-hpe&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-keystone&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-magnum&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-murano&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-murano&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-sahara&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-swift&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-trove&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-trove&distro=SUSE%20OpenStack%20Cloud%208
< 1.25.9+ 356 more
- (no CPE)range: < 1.25.9
- (no CPE)range: < 17.4.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.5.0.1-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.0.4-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 4.5.1-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.28.1-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.15.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.16-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.14-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.0.18-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.23-19.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.0.0-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1:1.14.2-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1:1.14.2-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1:1.14.2-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.6.0-8.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.5.3-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 0.8.0-10.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.6.8-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.4.2-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.9.0-4.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2017.2-12.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3.12-16.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.20.0-3.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 3-38.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 39.0.1-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.15.7-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 39.0.1-13.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.11.0-6.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.3.2-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.24.2-3.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.24.2-5.el8
- (no CPE)range: < 2.7.5-7.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 1.3.2-2.module_el8.6.0+2781+fed64c13
- (no CPE)range: < 2.9.14-3.15.1
- (no CPE)range: < 2.9.14-3.15.1
- (no CPE)range: < 2.9.14-3.15.1
- (no CPE)range: < 8.0+git.1596735237.54109b1-3.77.1
- (no CPE)range: < 8.0+git.1596735237.54109b1-3.77.1
- (no CPE)range: < 9.0+git.1600802664.7e480a2-3.6.2
- (no CPE)range: < 8.0+git.1596129856.263f430-3.43.1
- (no CPE)range: < 8.0+git.1596129856.263f430-3.43.1
- (no CPE)range: < 8.0+git.1593631779.76fa9b7-3.24.1
- (no CPE)range: < 8.0+git.1593631779.76fa9b7-3.24.1
- (no CPE)range: < 8.0+git.1593618123.678c32b-3.26.1
- (no CPE)range: < 8.0+git.1593618123.678c32b-3.26.1
- (no CPE)range: < 9.0+git.1605174486.a78ddce-3.19.2
- (no CPE)range: < 8.0+git.1601298847.dd01585-3.42.1
- (no CPE)range: < 8.0+git.1601298847.dd01585-3.42.1
- (no CPE)range: < 8.0+git.1595885113.93abcbc-3.49.1
- (no CPE)range: < 8.0+git.1595885113.93abcbc-3.49.1
- (no CPE)range: < 9.0+git.1601621747.a87e5a0-3.22.2
- (no CPE)range: < 9.0+git.1603378983.fc0bca9-3.19.2
- (no CPE)range: < 1.19.9-26.1
- (no CPE)range: < 1.19.9-26.1
- (no CPE)range: < 1.19.9-26.1
- (no CPE)range: < 5.0+git.1600432272.b3ad722f0-3.44.1
- (no CPE)range: < 6.0+git.1606314264.bf9ada813-3.31.2
- (no CPE)range: < 4.0+git.1604938545.30c10db18-9.77.1
- (no CPE)range: < 5.0+git.1599037158.5c4d07480-4.43.1
- (no CPE)range: < 6.0+git.1604573541.bb18c172d-3.28.3
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 8.20201007-1.29.1
- (no CPE)range: < 6.7.4-4.12.1
- (no CPE)range: < 6.7.4-1.20.1
- (no CPE)range: < 6.7.4-4.12.1
- (no CPE)range: < 6.7.4-3.20.1
- (no CPE)range: < 6.7.4-4.12.1
- (no CPE)range: < 6.7.4-3.20.1
- (no CPE)range: < 0.0.9-3.3.6
- (no CPE)range: < 0.0.9-3.3.6
- (no CPE)range: < 0.0.9-3.3.6
- (no CPE)range: < 1.2.4-5.1
- (no CPE)range: < 1.3.8-4.3.3
- (no CPE)range: < 1.3.8-4.3.3
- (no CPE)range: < 11.2.3~dev29-3.28.2
- (no CPE)range: < 11.2.3~dev29-3.28.2
- (no CPE)range: < 13.0.10~dev20-3.28.2
- (no CPE)range: < 11.2.3~dev29-3.28.2
- (no CPE)range: < 13.0.10~dev20-3.28.2
- (no CPE)range: < 11.2.3~dev29-3.28.1
- (no CPE)range: < 11.2.3~dev29-3.28.1
- (no CPE)range: < 11.2.3~dev29-3.28.1
- (no CPE)range: < 11.0.4~dev4-3.19.2
- (no CPE)range: < 11.0.4~dev4-3.19.2
- (no CPE)range: < 12.0.1~dev2-3.3.4
- (no CPE)range: < 12.0.1~dev2-3.3.4
- (no CPE)range: < 0.0.0+git.1605509190.64f020b6-3.9.3
- (no CPE)range: < 0.0.0+git.1605509190.64f020b6-3.9.3
- (no CPE)range: < 12.0.1~dev3-3.3.4
- (no CPE)range: < 12.0.1~dev3-3.3.4
- (no CPE)range: < 3.3.4~dev6-3.19.4
- (no CPE)range: < 3.3.4~dev6-3.19.4
- (no CPE)range: < 7.4.2~dev57-4.30.2
- (no CPE)range: < 7.4.2~dev57-4.30.2
- (no CPE)range: < 20190923_16.32-3.15.1
- (no CPE)range: < 20190923_16.32-3.15.1
- (no CPE)range: < 20190923_16.32-3.15.1
- (no CPE)range: < 11.0.9~dev69-3.37.2
- (no CPE)range: < 11.0.9~dev69-3.37.2
- (no CPE)range: < 13.0.8~dev135-3.31.2
- (no CPE)range: < 11.0.9~dev69-3.37.2
- (no CPE)range: < 13.0.8~dev135-3.31.2
- (no CPE)range: < 11.0.9~dev69-3.37.1
- (no CPE)range: < 11.0.9~dev69-3.37.1
- (no CPE)range: < 11.0.9~dev69-3.37.1
- (no CPE)range: < 12.0.1~dev5-3.19.4
- (no CPE)range: < 12.0.1~dev5-3.19.4
- (no CPE)range: < 13.0.2~dev6-3.9.2
- (no CPE)range: < 13.0.2~dev6-3.9.2
- (no CPE)range: < 16.1.9~dev76-3.39.2
- (no CPE)range: < 16.1.9~dev76-3.39.2
- (no CPE)range: < 18.3.1~dev77-3.31.2
- (no CPE)range: < 16.1.9~dev76-3.39.2
- (no CPE)range: < 18.3.1~dev77-3.31.2
- (no CPE)range: < 16.1.9~dev76-3.39.1
- (no CPE)range: < 16.1.9~dev76-3.39.1
- (no CPE)range: < 16.1.9~dev76-3.39.1
- (no CPE)range: < 0.0.3-7.7.2
- (no CPE)range: < 0.0.3-7.7.2
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 0.24.0-3.2.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.17.9-19.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.20.9-33.1
- (no CPE)range: < 1.13.2-3.2.5
- (no CPE)range: < 1.13.2-3.2.5
- (no CPE)range: < 1.13.2-3.2.5
- (no CPE)range: < 1.13.2-3.2.5
- (no CPE)range: < 1.13.2-3.2.5
- (no CPE)range: < 2.8-10.1
- (no CPE)range: < 2.8-10.1
- (no CPE)range: < 2.8-10.1
- (no CPE)range: < 2.8-10.1
- (no CPE)range: < 2.8-10.1
- (no CPE)range: < 1.11.29-3.19.2
- (no CPE)range: < 1.11.29-3.19.2
- (no CPE)range: < 1.11.29-3.19.2
- (no CPE)range: < 3.0.3-3.3.1
- (no CPE)range: < 3.0.3-3.3.1
- (no CPE)range: < 2.10.1-3.3.3
- (no CPE)range: < 2.10.1-3.3.3
- (no CPE)range: < 3.13.1-3.3.2
- (no CPE)range: < 3.13.1-3.3.2
- (no CPE)range: < 3.13.1-3.3.2
- (no CPE)range: < 4.17.1-5.3.1
- (no CPE)range: < 4.17.1-5.3.1
- (no CPE)range: < 4.17.1-5.3.1
- (no CPE)range: < 4.1.0-3.7.1
- (no CPE)range: < 4.1.0-3.7.1
- (no CPE)range: < 4.1.0-3.7.1
- (no CPE)range: < 4.2.1-3.9.2
- (no CPE)range: < 4.2.1-3.9.2
- (no CPE)range: < 4.2.1-3.9.2
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 0.4.2-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 2.17-3.2.1
- (no CPE)range: < 17.5.0-8.3.1
- (no CPE)range: < 17.5.0-8.3.1
- (no CPE)range: < 17.5.0-8.3.1
- (no CPE)range: < 4.5.0-4.3.3
- (no CPE)range: < 4.5.0-4.3.3
- (no CPE)range: < 3.7.4-3.3.3
- (no CPE)range: < 3.7.4-3.3.3
- (no CPE)range: < 18.1.0-3.3.1
- (no CPE)range: < 1.5.0-1.3.1
- (no CPE)range: < 1.5.0-1.3.1
- (no CPE)range: < 0.6.0-3.3.1
- (no CPE)range: < 1.22-5.12.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.24-9.10.1
- (no CPE)range: < 1.24-9.10.1
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.24-9.10.1
- (no CPE)range: < 1.24-9.10.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-3.31.2
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.25.10-9.14.1
- (no CPE)range: < 1.16-3.12.1
- (no CPE)range: < 1.22-5.12.1
- (no CPE)range: < 1.23-3.15.3
- (no CPE)range: < 1.22-5.12.1
- (no CPE)range: < 1.23-3.15.3
- (no CPE)range: < 8.20200922-3.23.1
- (no CPE)range: < 8.20200922-3.23.1
- (no CPE)range: < 9.20200917-3.24.3
- (no CPE)range: < 8.20200922-3.23.1
- (no CPE)range: < 9.20200917-3.24.3
- (no CPE)range: < 3.9.3-1.1
- (no CPE)range: < 2.2.3-5.3.3
- (no CPE)range: < 2.2.3-5.3.3
- (no CPE)range: < 1.2.3-3.6.1
- (no CPE)range: < 1.2.3-3.6.1
- (no CPE)range: < 1.2.3-3.6.1
- (no CPE)range: < 5.1.1~dev7-12.28.1
- (no CPE)range: < 5.1.1~dev7-12.28.1
- (no CPE)range: < 5.0.2~dev3-12.29.1
- (no CPE)range: < 5.0.2~dev3-12.29.1
- (no CPE)range: < 7.0.1~dev24-3.21.2
- (no CPE)range: < 9.0.8~dev7-12.26.1
- (no CPE)range: < 9.0.8~dev7-12.26.1
- (no CPE)range: < 11.2.3~dev29-14.30.1
- (no CPE)range: < 11.2.3~dev29-14.30.1
- (no CPE)range: < 13.0.10~dev20-3.24.2
- (no CPE)range: < 5.0.3~dev7-12.27.1
- (no CPE)range: < 5.0.3~dev7-12.27.1
- (no CPE)range: < 7.0.2~dev2-3.21.2
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.24.1
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.24.1
- (no CPE)range: < 15.0.3~dev3-12.27.1
- (no CPE)range: < 15.0.3~dev3-12.27.1
- (no CPE)range: < 17.0.1~dev30-3.19.2
- (no CPE)range: < 9.0.8~dev22-12.29.1
- (no CPE)range: < 9.0.8~dev22-12.29.1
- (no CPE)range: < 11.0.4~dev4-3.21.2
- (no CPE)range: < 12.0.5~dev3-14.32.1
- (no CPE)range: < 14.1.1~dev7-4.23.2
- (no CPE)range: < 12.0.5~dev3-14.32.1
- (no CPE)range: < 9.1.8~dev8-12.29.1
- (no CPE)range: < 9.1.8~dev8-12.29.1
- (no CPE)range: < 11.1.5~dev16-4.19.2
- (no CPE)range: < 12.0.4~dev11-11.30.1
- (no CPE)range: < 12.0.4~dev11-11.30.1
- (no CPE)range: < 14.2.1~dev4-3.21.2
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.28.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.28.1
- (no CPE)range: < 7.2.1~dev1-4.21.2
- (no CPE)range: < 5.1.1~dev5-12.33.1
- (no CPE)range: < 5.1.1~dev5-12.33.1
- (no CPE)range: < 7.4.2~dev57-3.25.2
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.24.1
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.24.1
- (no CPE)range: < 1.8.2~dev3-3.21.2
- (no CPE)range: < 2.2.2~dev1-11.24.1
- (no CPE)range: < 2.2.2~dev1-11.24.1
- (no CPE)range: < 2.7.1~dev10-3.19.2
- (no CPE)range: < 4.0.2~dev2-12.24.1
- (no CPE)range: < 4.0.2~dev2-12.24.1
- (no CPE)range: < 11.0.9~dev69-13.32.1
- (no CPE)range: < 11.0.9~dev69-13.32.1
- (no CPE)range: < 13.0.8~dev135-6.23.2
- (no CPE)range: < 16.1.9~dev76-11.30.1
- (no CPE)range: < 16.1.9~dev76-11.30.1
- (no CPE)range: < 18.3.1~dev77-3.23.2
- (no CPE)range: < 1.0.6~dev3-12.29.1
- (no CPE)range: < 1.0.6~dev3-12.29.1
- (no CPE)range: < 3.2.3~dev7-4.21.2
- (no CPE)range: < 7.0.5~dev4-11.28.1
- (no CPE)range: < 7.0.5~dev4-11.28.1
- (no CPE)range: < 9.0.2~dev15-3.21.2
- (no CPE)range: < 2.15.2_2.15.2_2.15.2~dev32-11.21.1
- (no CPE)range: < 2.15.2_2.15.2_2.15.2~dev32-11.21.1
- (no CPE)range: < 2.19.2~dev48-2.16.2
- (no CPE)range: < 8.0.2~dev2-11.28.1
- (no CPE)range: < 8.0.2~dev2-11.28.1
Patches
11dd69c5c5982Raise ValueError if method contains control characters (#1800)
3 files changed · +27 −0
CHANGES.rst+7 −0 modified@@ -1,6 +1,13 @@ Changes ======= +master (dev) +------------ + +* Raise ``ValueError`` if control characters are given in + the ``method`` parameter of ``HTTPConnection.request()`` (Pull #1800) + + 1.25.8 (2020-01-20) -------------------
src/urllib3/connection.py+14 −0 modified@@ -1,4 +1,5 @@ from __future__ import absolute_import +import re import datetime import logging import os @@ -58,6 +59,8 @@ class ConnectionError(Exception): # (ie test_recent_date is failing) update it to ~6 months before the current date. RECENT_DATE = datetime.date(2019, 1, 1) +_CONTAINS_CONTROL_CHAR_RE = re.compile(r"[^-!#$%&'*+.^_`|~0-9a-zA-Z]") + class DummyConnection(object): """Used to detect a failed ConnectionCls import.""" @@ -184,6 +187,17 @@ def connect(self): conn = self._new_conn() self._prepare_conn(conn) + def putrequest(self, method, url, *args, **kwargs): + """Send a request to the server""" + match = _CONTAINS_CONTROL_CHAR_RE.search(method) + if match: + raise ValueError( + "Method cannot contain non-token characters %r (found at least %r)" + % (method, match.group()) + ) + + return _HTTPConnection.putrequest(self, method, url, *args, **kwargs) + def request_chunked(self, method, url, body=None, headers=None): """ Alternative to the common request method, which sends the
test/with_dummyserver/test_connectionpool.py+6 −0 modified@@ -677,6 +677,12 @@ def test_dns_error(self): with pytest.raises(MaxRetryError): pool.request("GET", "/test", retries=2) + @pytest.mark.parametrize("char", [" ", "\r", "\n", "\x00"]) + def test_invalid_method_not_allowed(self, char): + with pytest.raises(ValueError): + with HTTPConnectionPool(self.host, self.port) as pool: + pool.request("GET" + char, "/") + def test_percent_encode_invalid_target_chars(self): with HTTPConnectionPool(self.host, self.port) as pool: r = pool.request("GET", "/echo_params?q=\r&k=\n \n")
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
12- github.com/advisories/GHSA-wqvq-5m8c-6g24ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-26137ghsaADVISORY
- usn.ubuntu.com/4570-1/mitrevendor-advisory
- bugs.python.org/issue39603ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2020-148.yamlghsaWEB
- github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436bghsaWEB
- github.com/urllib3/urllib3/pull/1800ghsaWEB
- lists.debian.org/debian-lts-announce/2021/06/msg00015.htmlghsamailing-listWEB
- lists.debian.org/debian-lts-announce/2023/10/msg00012.htmlghsamailing-listWEB
- usn.ubuntu.com/4570-1ghsaWEB
- www.oracle.com/security-alerts/cpujul2022.htmlghsaWEB
- www.oracle.com/security-alerts/cpuoct2021.htmlghsaWEB
News mentions
0No linked articles in our index yet.