[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-50181":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":34,"duplicate_of":9,"upstream":36,"downstream":37,"duplicates":64,"related":65,"reserved_at":9,"published_at":93,"modified_at":94,"state":95,"summary":96,"references_raw":104,"kevs":135,"epss":136,"epss_history":139,"metrics":410,"affected":424},"CVE-2025-50181","urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-601","URL Redirection to Untrusted Site ('Open Redirect')","The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.","weakness","Draft","Base","Low",[20],{"id":21,"name":22,"techniques":23},"CAPEC-178","Cross-Site Flashing",[],[25],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_URLLIB3_URLLIB3","Urllib3","github","https://github.com/urllib3/urllib3/issues/1553","poc",0.3,false,[],[35],"GHSA-pq67-6m6q-mj2v",[],[38,40,42,44,46,48,50,52,54,56,58,60,62],{"_key":39},"SUSE-SU-2025:02736-1",{"_key":41},"UBUNTU-CVE-2025-50181",{"_key":43},"USN-7599-2",{"_key":45},"SUSE-SU-2025:02735-1",{"_key":47},"SUSE-SU-2025:02985-1",{"_key":49},"SUSE-SU-2025:20558-1",{"_key":51},"SUSE-SU-2025:20856-1",{"_key":53},"OPENSUSE-SU-2025:15283-1",{"_key":55},"OPENSUSE-SU-2025:15284-1",{"_key":57},"OPENSUSE-SU-2026:10539-1",{"_key":59},"MGASA-2025-0281",{"_key":61},"DEBIAN-CVE-2025-50181",{"_key":63},"USN-7599-1",[],[66,67,68,69,70,71,72,73,74,75,77,79,81,83,85,87,89,91],{"_key":59},{"_key":39},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":76},"CGA-3HXW-CR3X-P4C5",{"_key":78},"CGA-4P7H-XGPG-2MXX",{"_key":80},"CGA-4QGW-VJH8-CQ98",{"_key":82},"CGA-5PHW-374R-3675",{"_key":84},"CGA-J2PH-8QFQ-2Q24",{"_key":86},"CGA-J86F-QMHX-R4CH",{"_key":88},"CGA-M9V4-C24C-93FP",{"_key":90},"CGA-PFX8-JP22-3RCR",{"_key":92},"CGA-GMJC-PJMC-6F5F","2025-06-19T01:08:00.340Z","2025-12-22T18:44:17.668Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":97,"epss_score":98,"severity":99,"severity_score":100,"severity_version":101,"severity_source":102,"severity_vector":103,"severity_status":95},"low",0.00079,"medium",6.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[105,115,121,125,130],{"url":106,"sources":107,"tags":110},"https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v",[108,102,109],"cve.org","osv_pypi",[111,112,113,114],"X Refsource CONFIRM","Exploit","Vendor Advisory","WEB",{"url":116,"sources":117,"tags":118},"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857",[108,102,109],[119,120,114],"X Refsource MISC","Patch",{"url":122,"sources":123,"tags":124},"https://github.com/urllib3/urllib3/releases/tag/2.5.0",[108,102,109],[119,114],{"url":126,"sources":127,"tags":128},"https://nvd.nist.gov/vuln/detail/CVE-2025-50181",[109],[129],"Advisory",{"url":131,"sources":132,"tags":133},"https://github.com/urllib3/urllib3",[109],[134],"PACKAGE",[],{"date":137,"score":98,"percentile":138},"2026-06-04",0.23444,[140,144,147,150,153,156,159,162,165,168,171,175,178,182,185,188,191,194,197,199,202,205,208,211,215,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,268,270,272,275,278,281,283,286,289,291,294,297,301,304,307,311,314,317,320,323,326,328,331,334,337,340,343,346,349,352,355,358,361,364,368,371,374,377,380,383,386,389,392,395,398,401,404,407],{"date":141,"score":142,"percentile":143},"2025-11-04",0.00023,0.04655,{"date":145,"score":142,"percentile":146},"2025-11-05",0.04665,{"date":148,"score":142,"percentile":149},"2025-11-06",0.0478,{"date":151,"score":142,"percentile":152},"2025-11-07",0.04787,{"date":154,"score":142,"percentile":155},"2025-11-08",0.04785,{"date":157,"score":142,"percentile":158},"2025-11-09",0.04788,{"date":160,"score":142,"percentile":161},"2025-11-10",0.04773,{"date":163,"score":142,"percentile":164},"2025-11-11",0.0481,{"date":166,"score":142,"percentile":167},"2025-11-12",0.04828,{"date":169,"score":142,"percentile":170},"2025-11-13",0.04862,{"date":172,"score":173,"percentile":174},"2025-11-14",0.00013,0.01486,{"date":176,"score":173,"percentile":177},"2025-11-15",0.01506,{"date":179,"score":180,"percentile":181},"2025-11-16",0.00012,0.01381,{"date":183,"score":180,"percentile":184},"2025-11-17",0.0137,{"date":186,"score":180,"percentile":187},"2025-11-18",0.00712,{"date":189,"score":180,"percentile":190},"2025-11-19",0.00725,{"date":192,"score":180,"percentile":193},"2025-11-20",0.00742,{"date":195,"score":180,"percentile":196},"2025-11-21",0.01427,{"date":198,"score":180,"percentile":196},"2025-11-22",{"date":200,"score":180,"percentile":201},"2025-11-23",0.01412,{"date":203,"score":180,"percentile":204},"2025-11-24",0.01409,{"date":206,"score":180,"percentile":207},"2025-11-25",0.01394,{"date":209,"score":180,"percentile":210},"2025-11-26",0.01338,{"date":212,"score":213,"percentile":214},"2025-11-27",0.00015,0.02068,{"date":216,"score":213,"percentile":214},"2025-11-28",{"date":218,"score":213,"percentile":219},"2025-11-29",0.02115,{"date":221,"score":213,"percentile":222},"2025-11-30",0.02124,{"date":224,"score":213,"percentile":225},"2025-12-01",0.02167,{"date":227,"score":213,"percentile":228},"2025-12-02",0.02163,{"date":230,"score":213,"percentile":231},"2025-12-03",0.0217,{"date":233,"score":213,"percentile":234},"2025-12-04",0.02122,{"date":236,"score":213,"percentile":237},"2025-12-05",0.02138,{"date":239,"score":213,"percentile":240},"2025-12-06",0.02144,{"date":242,"score":213,"percentile":243},"2025-12-07",0.02141,{"date":245,"score":213,"percentile":246},"2025-12-08",0.02143,{"date":248,"score":213,"percentile":249},"2025-12-09",0.0216,{"date":251,"score":213,"percentile":252},"2025-12-10",0.02193,{"date":254,"score":213,"percentile":255},"2025-12-11",0.02194,{"date":257,"score":213,"percentile":258},"2025-12-12",0.02201,{"date":260,"score":213,"percentile":261},"2025-12-13",0.02184,{"date":263,"score":213,"percentile":264},"2025-12-14",0.02189,{"date":266,"score":213,"percentile":267},"2025-12-15",0.02176,{"date":269,"score":213,"percentile":225},"2025-12-16",{"date":271,"score":213,"percentile":261},"2025-12-17",{"date":273,"score":213,"percentile":274},"2025-12-18",0.02185,{"date":276,"score":213,"percentile":277},"2025-12-19",0.02187,{"date":279,"score":213,"percentile":280},"2025-12-20",0.02191,{"date":282,"score":213,"percentile":258},"2025-12-21",{"date":284,"score":213,"percentile":285},"2025-12-22",0.02197,{"date":287,"score":213,"percentile":288},"2025-12-23",0.02135,{"date":290,"score":213,"percentile":246},"2025-12-24",{"date":292,"score":213,"percentile":293},"2025-12-25",0.02149,{"date":295,"score":213,"percentile":296},"2025-12-26",0.02152,{"date":298,"score":299,"percentile":300},"2025-12-27",0.00017,0.03365,{"date":302,"score":299,"percentile":303},"2025-12-28",0.0338,{"date":305,"score":299,"percentile":306},"2025-12-29",0.03371,{"date":308,"score":309,"percentile":310},"2025-12-30",0.00016,0.02589,{"date":312,"score":309,"percentile":313},"2025-12-31",0.02575,{"date":315,"score":309,"percentile":316},"2026-01-01",0.02638,{"date":318,"score":309,"percentile":319},"2026-01-02",0.02642,{"date":321,"score":309,"percentile":322},"2026-01-03",0.0264,{"date":324,"score":309,"percentile":325},"2026-01-04",0.0257,{"date":327,"score":309,"percentile":313},"2026-01-05",{"date":329,"score":309,"percentile":330},"2026-01-06",0.02567,{"date":332,"score":309,"percentile":333},"2026-01-07",0.02585,{"date":335,"score":309,"percentile":336},"2026-01-08",0.02611,{"date":338,"score":309,"percentile":339},"2026-01-09",0.02624,{"date":341,"score":309,"percentile":342},"2026-01-10",0.02632,{"date":344,"score":309,"percentile":345},"2026-01-11",0.02615,{"date":347,"score":309,"percentile":348},"2026-01-12",0.02573,{"date":350,"score":299,"percentile":351},"2026-01-13",0.03497,{"date":353,"score":299,"percentile":354},"2026-01-14",0.03509,{"date":356,"score":299,"percentile":357},"2026-01-15",0.03465,{"date":359,"score":299,"percentile":360},"2026-01-16",0.03452,{"date":362,"score":299,"percentile":363},"2026-01-17",0.03455,{"date":365,"score":366,"percentile":367},"2026-01-18",0.00019,0.04233,{"date":369,"score":366,"percentile":370},"2026-01-19",0.04179,{"date":372,"score":366,"percentile":373},"2026-01-20",0.04138,{"date":375,"score":299,"percentile":376},"2026-01-21",0.03397,{"date":378,"score":299,"percentile":379},"2026-01-22",0.034,{"date":381,"score":299,"percentile":382},"2026-01-23",0.03074,{"date":384,"score":299,"percentile":385},"2026-01-24",0.03087,{"date":387,"score":299,"percentile":388},"2026-01-25",0.03075,{"date":390,"score":299,"percentile":391},"2026-01-26",0.03062,{"date":393,"score":299,"percentile":394},"2026-01-27",0.03061,{"date":396,"score":299,"percentile":397},"2026-01-28",0.03064,{"date":399,"score":299,"percentile":400},"2026-01-29",0.03088,{"date":402,"score":299,"percentile":403},"2026-01-30",0.03089,{"date":405,"score":299,"percentile":406},"2026-01-31",0.0311,{"date":408,"score":299,"percentile":409},"2026-02-01",0.03183,[411,418,422],{"source":108,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":412,"cvss_v4_0":9},{"baseScore":413,"baseSeverity":414,"vectorString":415,"impactScore":416,"exploitabilityScore":417},5.3,"MEDIUM","CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",6,4.1,{"source":102,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":419,"cvss_v4_0":9},{"baseScore":100,"baseSeverity":414,"vectorString":103,"impactScore":420,"exploitabilityScore":421},4.5,7.2,{"source":109,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":423,"cvss_v4_0":9},{"baseScore":413,"baseSeverity":9,"vectorString":415,"impactScore":416,"exploitabilityScore":417},[425,436,443],{"ecosystem":426,"name":427,"vendor":426,"product":427,"cpe_part":9,"purl_type":428,"purl_namespace":9,"purl_name":427,"source":9,"versions":429},"PyPI","urllib3","pypi",[430],{"version":431,"is_range":432,"range_type":433,"version_start":9,"version_start_type":9,"version_end":434,"version_end_type":435,"fixed_in":9},"lt2_5_0",true,"ecosystem","2.5.0","excluding",{"ecosystem":9,"name":427,"vendor":437,"product":427,"cpe_part":438,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":439},"python","a",[440],{"version":441,"is_range":432,"range_type":442,"version_start":9,"version_start_type":9,"version_end":434,"version_end_type":435,"fixed_in":9},"lt2.5.0","cpe",{"ecosystem":9,"name":427,"vendor":427,"product":427,"cpe_part":438,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":444},[445],{"version":446,"is_range":432,"range_type":108,"version_start":9,"version_start_type":9,"version_end":434,"version_end_type":435,"fixed_in":9},"\u003C 2.5.0"]