CVE-2025-15282
Lifecycle Timeline
3DescriptionCVE.org
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.
Analysis
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.
Technical ContextAI
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.
Affected ProductsAI
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.
RemediationAI
Monitor vendor advisories for a patch.
Same technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today