What Changed
The ESET Protect Platform connector dependencies have been updated to urllib3 2.5.0, addressing two moderate security vulnerabilities in redirect handling.
Security Impact (Visibility & Fidelity)
urllib3 2.5.0 fixes two CVE vulnerabilities:
- CVE-2025-50181: Pool managers now properly control redirects when retries parameter is passed
- CVE-2025-50182: Redirects are now controlled by urllib3 in the Node.js runtime
Both vulnerabilities had CVSS scores of 5.3 (Medium) but represent potential security bypass conditions in HTTP client redirect handling that could affect connector reliability and security posture.
Affected Files
Solutions/ESET Protect Platform/Data Connectors/requirements.txt (urllib3 2.4.0 → 2.5.0)