AVG-1691 log
Package | python-urllib3, python2-urllib3 |
Status | Fixed |
Severity | High |
Type | certificate verification bypass |
Affected | 1.26.3-1 |
Fixed | 1.26.4-1 |
Current |
1.26.20-4 [extra-testing] 1.26.20-3 [extra] |
Ticket | None |
Created | Tue Mar 16 10:31:58 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-28363 | High | Yes | Certificate verification bypass | The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection... |