Lucene search
K

15 matches found

CVE
CVE
added 2026/07/06 6:50 p.m.18 views

CVE-2026-55380

Pillow (Python imaging library) vulnerability: Prior to 12.3.0, in GdImageFile._open(), image dimensions were read from the GD 2.x header and stored in self._size without invoking Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap allocation. Impact: potent...

7.5CVSS6AI score0.00361EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/06/19 7:16 p.m.7 views

UBUNTU-CVE-2026-9375

urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code paths in response.py that bypass the maxlength protection introduced in version 2.6.0 to mitigate CVE-2025-66471...

7.5CVSS7.5AI score0.00304EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.13 views

PT-2026-39744

🚨 High - urllib3 Sensitive Header Leak & Decompression Bomb Safeguard Bypass CVE-2026-31015 & CVE-2026-31020 Two critical vulnerabilities were identified in the urllib3 library Node.js/Python. The first flaw GHSA-qccp-gfcp-xxvc allows sensitive headers like Authorization and Cookie to be leaked...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.5 views

AlmaLinux 8 : fence-agents (ALSA-2026:1240)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1240 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS5.9AI score0.02667EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.5 views

RockyLinux 8 : fence-agents (RLSA-2026:1240)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1240 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS6.5AI score0.02667EPSS
Exploits0References7
Rockylinux
Rockylinux
added 2026/02/11 9:12 a.m.6 views

python3.11-urllib3 security update

An update is available for python3.11-urllib3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

8.9CVSS5.7AI score0.02667EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.6 views

RockyLinux 9 : python3.11-urllib3 (RLSA-2026:1089)

The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:1089 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS5.7AI score0.02667EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/02/03 7:21 a.m.6 views

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scorin...

8.9CVSS6.7AI score0.02667EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/02 10:2 a.m.5 views

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

8.9CVSS6.6AI score0.02667EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/02/02 1:58 a.m.12 views

Important: Red Hat Security Advisory: python3.12-urllib3 security update

An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.9CVSS6.6AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.5 views

MiracleLinux 9 : fence-agents-4.10.0-98.el9_7.4 (AXSA:2026-116:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-116:01 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS7.4AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.4 views

MiracleLinux 9 : python-urllib3-1.26.5-6.el9_7.1 (AXSA:2026-090:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-090:01 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS5.9AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.5 views

AlmaLinux 8 : python3.11-urllib3 (ALSA-2026:1224)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:1224 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS5.9AI score0.02667EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.5 views

AlmaLinux 9 : python-urllib3 (ALSA-2026:1087)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:1087 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS5.9AI score0.02667EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/26 2:11 p.m.6 views

Important: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.9CVSS6.6AI score0.02667EPSS
Exploits0References4
Rows per page
Query Builder