Vulnerability [CVE-2025-50182, CVE-2025-50181] is getting reported for package urllib3 · kubernetes-client/python#2424

(6 comments) (0 reactions) (0 assignees)Python (6,225 stars) (3,323 forks)batch import

help wanted

説明

Vulnerability [https://github.com/advisories/GHSA-48p4-8xcf-vxj5, https://github.com/advisories/GHSA-pq67-6m6q-mj2v] is getting reported for the Python package urllib3 while installing the Kubernetes package version 33.1.0. Can you please provide the details on when we are releasing the latest version with this fix in it? Please provide the details of the Kubernetes version in which this has been fixed.

kubernetes-33.1.0-py2.py3-none-any.whl (Root Library)
❌ urllib3-2.4.0-py3-none-any.whl (Vulnerable Library)

コントリビューターガイド

技術スタック: python
領域: security
Issue 種別: security
難度: 2
推定時間: 1-3 hours
活動状況: needs maintainer response
明確さ: clear
前提条件: PythonKubernetes
初心者向け度: 40
調査方針: Check the issue comments for any maintainer responses. Look at the GitHub releases of kubernetes client/python to see if a newer version includes the fix. Also check the urllib3 advisory for patched versions. Provide a clear answer with the fixed version number and release date.