Description

urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0.

INFO

Published Date :

2025-06-19T01:42:44.921Z

Last Modified :

2025-12-22T18:43:46.779Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-50182 vulnerability.

Vendors Products
Python
  • Urllib3
Urllib3
  • Urllib3
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-50182.

URL Resource
https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f cve-icon cve-icon cve-icon
https://github.com/urllib3/urllib3/releases/tag/2.5.0 cve-icon cve-icon
https://github.com/urllib3/urllib3/security/advisories/GHSA-48p4-8xcf-vxj5 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-50182 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-50182 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact