AVG-1691 log

Package python-urllib3, python2-urllib3
Status Fixed
Severity High
Type certificate verification bypass
Affected 1.26.3-1
Fixed 1.26.4-1
Current 1.26.20-4 [extra-testing]
1.26.20-3 [extra]
Ticket None
Created Tue Mar 16 10:31:58 2021
Issue Severity Remote Type Description
CVE-2021-28363 High Yes Certificate verification bypass
The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection...