UBUNTU-CVE-2018-25091
Advisory lineage: Upstream: 1, Downstream: 2
Published: 15 Oct 2023, 19:15
Last modified: 04 Feb 2026, 02:53
Vulnerability Summary
Overall Risk (default): low (24/100)
CVSS Score: 6.1 MEDIUM (v3.1, source: osv_ubuntu)
EPSS Score: No data
KEV: Not listed
Ransomware: No reports
Public exploits: None found
Dark Web: Not detected
Timeline
15 Oct 2023, 19:15: Published (vulnerability first disclosed)
04 Feb 2026, 02:53: Last Modified (vulnerability information updated)
Description
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE: this issue exists because of an incomplete fix for CVE-2018-20060 (which was case-sensitive).
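The check described above, as an added illustration (not urllib3's own code): a redirect is cross-origin when scheme, host, or port differ, and in that case any authorization header is dropped. The header name is matched case-insensitively; the `_origin`, `is_cross_origin` and `headers_for_redirect` names are assumed here.

```python
from typing import Optional, Tuple
from urllib.parse import urlsplit

# Added example, not urllib3 code. Default ports let "https://h" and
# "https://h:443" compare as the same origin.
DEFAULT_PORTS = {"http": 80, "https": 443}


def _origin(url: str) -> Tuple[str, str, Optional[int]]:
    """Return (scheme, host, port) with scheme/host lowercased and the port
    filled in from the scheme default when the URL omits it."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()  # urlsplit already lowercases, be explicit
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return scheme, host, port


def is_cross_origin(original_url: str, redirect_url: str) -> bool:
    """True when the redirect target differs in scheme, host, or port."""
    return _origin(original_url) != _origin(redirect_url)


def headers_for_redirect(headers: dict, original_url: str, redirect_url: str) -> dict:
    """Copy of `headers` that is safe to send to `redirect_url`.

    On a cross-origin redirect the authorization header is removed whatever
    its capitalisation; matching only the exact spelling "Authorization" is
    the case-sensitive gap the advisory notes for the earlier fix.
    """
    out = dict(headers)
    if is_cross_origin(original_url, redirect_url):
        for name in list(out):
            if name.lower() == "authorization":
                del out[name]
    return out


if __name__ == "__main__":
    # Constructed sample: https -> http downgrade on the same host is still
    # cross-origin, so the credential must not be forwarded in cleartext.
    sample = {"authorization": "Basic dXNlcjpwYXNz", "Accept": "*/*"}
    print(headers_for_redirect(sample, "https://example.com/a", "http://example.com/b"))
```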
CVSS Metrics
- v3.1 | MEDIUM | Score: 6.1 | Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Systems
- ubuntu / python-pip (all): affected versions < 8.1.1-2ubuntu0.6+esm6 and < 9.0.1-2.3~ubuntu1.18.04.8+esm2
- ubuntu / python-urllib3 (all): affected versions < 1.13.1-2ubuntu0.16.04.4+esm1 and < 1.22-1ubuntu0.18.04.2+esm1
References (7)
- https://ubuntu.com/security/CVE-2018-25091
- https://github.com/urllib3/urllib3/issues/1510
- https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2
- https://github.com/urllib3/urllib3/commit/adb358f8e06865406d1f05e581a16cbea2136fbc
- https://ubuntu.com/security/notices/USN-6473-1
- https://ubuntu.com/security/notices/USN-6473-2
- https://www.cve.org/CVERecord?id=CVE-2018-25091