Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedHat Linux
RedHat Linuxadded 3 days ago5 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.9AI score0.00388EPSS
Exploits0References5
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в python-urllib3

urllib3 is a HTTP client library for Python. The streaming API of urllib3 is designed for efficiently handling large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS6.8AI score0.0068EPSS
Exploits0References2
OSV
OSVadded 2026/02/17 9:38 a.m.3 views

SUSE-SU-2026:20485-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. - CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866...

8.9CVSS6.7AI score0.00622EPSS
Exploits0References5
OSV
OSVadded 2026/02/06 3:54 p.m.3 views

OESA-2026-1289 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming A...

8.9CVSS5.7AI score0.0068EPSS
Exploits0References3
Amazon
Amazonadded 2026/01/23 12:0 a.m.10 views

Medium: python3.11-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage an...

8.9CVSS7.3AI score0.00622EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/12/15 4:38 p.m.3 views

CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

8.9CVSS6.8AI score0.00622EPSS
Exploits0References5
Rows per page
Query Builder