Test ID:	1.3.6.1.4.1.25623.1.1.4.2021.3251.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2021:3251-1)
Summary:	The remote host is missing an update for the 'python-urllib3' package(s) announced via the SUSE-SU-2021:3251-1 advisory.
Description:	Summary: The remote host is missing an update for the 'python-urllib3' package(s) announced via the SUSE-SU-2021:3251-1 advisory. Vulnerability Insight: This update for python-urllib3 fixes the following security issue: - CVE-2020-26137: A CRLF injection via HTTP request method was fixed (bsc#1177120) Note that this was fixed in a previous version update to 1.25.9, this update just complements the tracking. Affected Software/OS: 'python-urllib3' package(s) on SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP Applications 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP4, SUSE Linux Enterprise Server for SAP Applications 12-SP5. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-26137 https://bugs.python.org/issue39603 https://github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436b https://github.com/urllib3/urllib3/pull/1800 https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html https://usn.ubuntu.com/4570-1/
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.