CVE-2026-44431 (HIGH): detected in Lambda Docker Images. #520

@the-lambda-watchdog

CVE Details

| CVE ID | Severity | Affected Package | Installed Version | Fixed Version | Date Published | Date of Scan |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2026-44431 | HIGH | urllib3 | 2.6.3 | 2.7.0 | 2026-05-13T16:16:57.15Z | 2026-05-14T10:18:23.557102502Z |

Affected Docker Images

| Image Name | SHA |
| --- | --- |
| public.ecr.aws/lambda/python:latest | public.ecr.aws/lambda/python@sha256:ba32ff42fc0c694aa03f7136c4fefb94e34eadefb1934305f111614064e2202c |
| public.ecr.aws/lambda/python:3.14 | public.ecr.aws/lambda/python@sha256:0f9f9c17bc7e46797bd1f31df22eeaaf8426649103f18f8b349133c69a737ef8 |
| public.ecr.aws/lambda/python:3.13 | public.ecr.aws/lambda/python@sha256:ba32ff42fc0c694aa03f7136c4fefb94e34eadefb1934305f111614064e2202c |
| public.ecr.aws/lambda/python:3.12 | public.ecr.aws/lambda/python@sha256:6f0f363ec1ec9cda61e8d96fa8ae8ad108680e5bda086d3ce18b2714d3434bef |
| public.ecr.aws/lambda/python:3.11 | public.ecr.aws/lambda/python@sha256:1f83243c1733b48d92529a69c67f58417682847c3368987d4c5745a3deb24f43 |
| public.ecr.aws/lambda/python:3.10 | public.ecr.aws/lambda/python@sha256:a865d1f06511c9bd395205c76d3863b8693fd1b6f37a1f74b4af719deee6c5c8 |

Description

urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.


Remediation Steps

  • Update the affected package urllib3 from version 2.6.3 to 2.7.0.

About this issue

  • This issue may not contain all the information about the CVE nor the images it affects.
  • This issue will not be updated with new information and the list of affected images may have changed since the creation of this issue.
  • For more, visit Lambda Watchdog.
  • This issue was created automatically by Lambda Watchdog.
