0.004 Low
EPSS
Percentile
74.7%
A flaw was found in python-urllib3. The HTTPConnection.request() does not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation of the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrity.
0.004 Low
EPSS
Percentile
74.7%