USN-7599-2

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2025-50181 UBUNTU-CVE-2025-50181

Published: 26 Jun 2025, 14:19

Last modified:04 Feb 2026, 04:32

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

26 Jun 2025, 14:19

Published

Vulnerability first disclosed

04 Feb 2026, 04:32

Last Modified

Vulnerability information updated

Description

python-pip vulnerability USN-7599-1 fixed vulnerabilities in python-urllib3. This update provides the corresponding update for python-pip for CVE-2025-50181. Original advisory details: Jacob Sandum discovered that urllib3 handled redirects even when they were explicitly disabled while using the PoolManager. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-50181) Illia Volochii discovered that urllib3 incorrectly handled retry and redirect parameters when using Node.js. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 25.04. (CVE-2025-50182)

Affected Systems

ubuntu•python-pip
< 22.0.2+dfsg-1ubuntu0.6 | < 24.0+dfsg-1ubuntu1.2

USN-7599-2

Vulnerability Summary

Timeline

Description

Affected Systems

References (2)