Lucene search
K

10 matches found

OSV
OSV
added 2026/02/06 3:57 p.m.7 views

OESA-2026-1332 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

8.9CVSS7.1AI score0.00633EPSS
Exploits0References2
OSV
OSV
added 2026/01/30 12:27 p.m.4 views

OESA-2026-1252 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

8.9CVSS7.4AI score0.01141EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2026/01/28 11:24 a.m.6 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00633EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 9:10 a.m.11 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00633EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 8:38 a.m.4 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00633EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/04/18 4:40 p.m.7 views

curl: HTTP multi-header compression denial of service

A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. This decompression chain could result in out-of-memory errors...

6.5CVSS6.8AI score0.01703EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/08/24 3:12 p.m.5 views

curl: HTTP compression denial of service

A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a...

6.5CVSS6.7AI score0.3197EPSS
Exploits1References5
curl security advisories
curl security advisories
added 2022/06/27 8:0 a.m.7 views

HTTP compression denial of service

curl supports "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited...

6.5CVSS7.1AI score0.3197EPSS
Exploits1References1Affected Software2
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.3 views

curl 资源管理错误漏洞

curl is a tool for transferring data from or to a server. A resource management error vulnerability exists in curl versions 7.57.0 through 7.83.1, which stems from the lack of a limit on the number of links in the chained HTTP compression algorithm supported by curl. An attacker exploiting this...

6.5CVSS7.3AI score0.3197EPSS
Exploits1References44
OSV
OSV
added 2022/06/27 12:0 a.m.2 views

UBUNTU-CVE-2022-32206

curl 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually...

6.5CVSS6.7AI score0.3197EPSS
Exploits1References4
Rows per page
Query Builder