gitlab-cng-18.1
Chainguard
6.1
CVSS V3
Status
Impact
The urllib3 dependency at version 1.26.20 contains a vulnerability that is fixed in 2.5. This is a transitive dependency brought in by awscli<2 through botocore and cannot be directly overridden(urllib3<1.27,>=1.25.4 (from botocore==1.40.28->awscli<2)). Resolution requires:
Status