Lucene search
K

6 matches found

OSV
OSV
added 3 days ago4 views

OESA-2026-2815 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code...

7.5CVSS6.3AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

OESA-2026-2814 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code...

7.5CVSS6.3AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

OESA-2026-2813 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code...

7.5CVSS7.4AI score0.00304EPSS
Exploits0References2
Circl
Circl
added 2026/06/20 11:11 p.m.10 views

CVE-2026-9375

creationtimestamp| type| source ---|---|--- 2026-06-20 23:11:09+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3moqy56mrki2s...

7.5CVSS5.8AI score0.00304EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 7:16 p.m.15 views

DEBIAN-CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS6.3AI score0.00304EPSS
Exploits0References1
NVD
NVD
added 2026/06/19 7:16 p.m.7 views

CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS0.00304EPSS
Exploits0References2
Rows per page
Query Builder