125 matches found

OSV
added 2026/02/11 9:10 a.m. | 6 views

RLSA-2026:1241 Important: resource-agents security update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment. Security Fixes: urllib3: urllib3: Unbounded decompression chain leads to resource...

CVSS 7.5 | AI score 5.6 | EPSS 0.02667
Exploits: 0 | References: 4
Rockylinux
added 2026/02/11 9:10 a.m. | 5 views

python-urllib3 security update

An update is available for python-urllib3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Python is an interpreted, interactive, object-oriented programming...

CVSS 8.9 | AI score 5.7 | EPSS 0.02667
Exploits: 0
RedHat Linux
added 2026/02/09 2:21 a.m. | 3 views

Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS

Scrapy is vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occur...

CVSS 7.5 | AI score 5.8 | EPSS 0.00509
Exploits: 0 | References: 5
Tenable Nessus
added 2026/02/05 12:0 a.m. | 6 views

Amazon Linux 2 : python-urllib3, --advisory ALAS2-2026-3156 (ALAS-2026-3156)

The version of python-urllib3 installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3156 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number...

CVSS 8.9 | AI score 5.8 | EPSS 0.00633
Exploits: 0 | References: 6
Tenable Nessus
added 2026/02/05 12:0 a.m. | 5 views

Amazon Linux 2 : python3-urllib3, --advisory ALAS2-2026-3131 (ALAS-2026-3131)

The version of python3-urllib3 installed on the remote host is prior to 1.25.6-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3131 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP...

CVSS 8.9 | AI score 5.6 | EPSS 0.02667
Exploits: 0 | References: 4
OSV
added 2026/02/03 1:9 p.m. | 4 views

SUSE-SU-2026:0367-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues:
- CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API (bsc1254867).
- CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain (bsc1254866)...

CVSS 8.9 | AI score 7.1 | EPSS 0.00633
Exploits: 0 | References: 5
OPENSUSE Linux
added 2026/02/03 12:0 a.m. | 3 views

Security update for python-urllib3 (important)

openSUSE security update: security update for python-urllib3
Announcement ID: openSUSE-SU-2026:20127-1
Rating: important
References: bsc1254866 bsc1254867
Cross-References: CVE-2025-66418 CVE-2025-66471
CVSS scores: CVE-2025-66418 SUSE...

CVSS 6.9 | AI score 5.4 | EPSS 0.00633
Exploits: 0 | References: 2
RedHat Linux
added 2026/02/02 3:49 p.m. | 4 views

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.9 | AI score 6.6 | EPSS 0.02667
Exploits: 0 | References: 4
RedHat Linux
added 2026/02/02 1:10 p.m. | 13 views

Important: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.9 | AI score 6.6 | EPSS 0.02667
Exploits: 0 | References: 4
Tenable Nessus
added 2026/01/30 12:0 a.m. | 6 views

MiracleLinux 8 : python-urllib3-1.24.2-9.el8_10 (AXSA:2026-099:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-099:02 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion (CVE-2025-66418) urllib3: urllib3 Streaming API improperly handles highly...

CVSS 8.9 | AI score 5.9 | EPSS 0.02667
Exploits: 0 | References: 4
RedHat Linux
added 2026/01/29 9:8 a.m. | 5 views

Important: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 8.9 | AI score 6.6 | EPSS 0.02667
Exploits: 0 | References: 4
Veracode
added 2026/01/28 7:57 a.m. | 5 views

Denial Of Service (DoS)

Next.js is vulnerable to a Denial of Service (DoS) vulnerability. The vulnerability is due to unbounded request body buffering and unbounded decompression in the Partial Prerendering (PPR) resume endpoint, which allows an attacker to send specially crafted unauthenticated POST requests or compressed...

CVSS 7.5 | AI score 5.9 | EPSS 0.00363
Exploits: 0 | References: 4 | Affected Software: 1
RedHat Linux
added 2026/01/27 9:34 a.m. | 9 views

Important: Red Hat Security Advisory: resource-agents security update

An update for resource-agents is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.9 | AI score 6.6 | EPSS 0.00633
Exploits: 0 | References: 2
RedHat Linux
added 2026/01/26 6:30 p.m. | 3 views

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 8.9 | AI score 6.7 | EPSS 0.02667
Exploits: 0 | References: 4
RedHat Linux
added 2026/01/26 3:3 p.m. | 5 views

Important: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8.9 | AI score 6.6 | EPSS 0.02667
Exploits: 0 | References: 4
RedHat Linux
added 2026/01/26 1:9 p.m. | 4 views

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 8.9 | AI score 6.6 | EPSS 0.02667
Exploits: 0 | References: 4
AlmaLinux
added 2026/01/26 12:0 a.m. | 13 views

Important: resource-agents security update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment. Security Fixes: urllib3: urllib3: Unbounded decompression chain leads to resource...

CVSS 8.9 | AI score 6.7 | EPSS 0.02667
Exploits: 0 | References: 8
OSV
added 2026/01/23 12:24 p.m. | 4 views

OESA-2026-1233 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious...

CVSS 8.9 | AI score 5.5 | EPSS 0.00633
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/22 12:0 a.m. | 6 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-66418)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-66418 advisory. - urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior ...

CVSS 8.9 | AI score 5.6 | EPSS 0.00633
Exploits: 0 | References: 1
Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 9 : bzip2-1.0.8-10.el9_5 (AXSA:2025-9645:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9645:02 advisory. bzip2: bzip2: Data integrity error when decompressing with data integrity tests fail. (CVE-2019-12900) Tenable has extracted the preceding description block...

CVSS 9.8 | AI score 7.5 | EPSS 0.08042
Exploits: 0 | References: 2