Bounties
Partners
Community
Info
urllib3 / urllib3
Project repository
urllib3 is a user-friendly HTTP client library for Python
Submit a report
FIRST INTERACTION
WITHIN
4 DAYS
REVIEW
WITHIN
97 DAYS
FIX
WITHIN
18 DAYS
Improper validation of url due to a space in the start
Jul 6th 2024
raunak669
•
not applicable
SSRF hostname blacklisting bypass by adding a trailing dot
Jun 3rd 2024
raunak669
•
informative
Medium
post body leaked to third party site when 303 redirect happen
Oct 28th 2023
ranjit-git
•
Medium
•
$400
Medium
•
$400
Cookie header leaked to third party site and it allow to hijack victim account
Oct 2nd 2023
ranjit-git
•
Medium
•
$125
Medium
•
$125
•
CVE-2023-43804
CVE-2023-43804
URL Parsing Flaw enable attacker to bypass blacklist URLs
Jul 6th 2024
mk7120
•
not applicable
Thirdparty site authorization header leak
Apr 28th 2022
sxliuyu
•
pending
this is test
Jan 5th 2022
ranjit-git
•
pending
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
