Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2019:2370-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2019:2370-1

UNKNOWN

Security update for python-urllib3

Published Sep 12, 2019

Modified 6 years ago

Fix available

Details

This update for python-urllib3 fixes the following issues:

Security issues fixed:

CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071).
CVE-2019-11324: Fixed invalid CA certificat verification (bsc#1132900).
CVE-2019-11236: Fixed CRLF injection via request parameter (bsc#1132663).
CVE-2018-20060: Remove Authorization header when redirecting cross-host (bsc#1119376).

Affected Packages

python-urllib3

SUSE Enterprise Storage 4SUSE Enterprise Storage 5SUSE Linux Enterprise Module for Public Cloud 12SUSE Manager Server 3.2

Fixed in:

1.22-3.14.1

python3-urllib3

SUSE Linux Enterprise Module for Public Cloud 12

Fixed in:

1.22-3.14.1

References

REPORThttps://bugzilla.suse.com/1119376 REPORThttps://bugzilla.suse.com/1129071 REPORThttps://bugzilla.suse.com/1132663 REPORThttps://bugzilla.suse.com/1132900 WEBhttps://www.suse.com/security/cve/CVE-2018-20060 WEBhttps://www.suse.com/security/cve/CVE-2019-11236 WEBhttps://www.suse.com/security/cve/CVE-2019-11324 WEBhttps://www.suse.com/security/cve/CVE-2019-9740 ADVISORYhttps://www.suse.com/support/update/announcement/2019/suse-su-20192370-1/

Upstream

CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 CVE-2019-9740

Related

CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 CVE-2019-9740

Ecosystems

SUSE Enterprise Storage 4 SUSE Enterprise Storage 5 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Manager Server 3.2

Timeline

PublishedSep 12, 2019

ModifiedSep 12, 2019