CVE-2019-11324 in Python and Canonical Products
Published on April 18, 2019

The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-11324

stack.watch emails you whenever new vulnerabilities are published in Python Urllib3 or Canonical Ubuntu Linux. Just hit a watch button to start following.

Python Urllib3

Canonical Ubuntu Linux

Exploit Probability

EPSS

1.32%

Percentile

79.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-11324 in Python and Canonical ProductsPublished on April 18, 2019

Products Associated with CVE-2019-11324

Exploit Probability

CVE-2019-11324 in Python and Canonical Products
Published on April 18, 2019