Lucene search
K

166 matches found

RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-59939

A flaw was found in httplib2, a Python HTTP client library. This vulnerability allows a malicious or compromised HTTP server to send a small compressed data payload that, when decompressed by httplib2, expands to an extremely large size in memory. This unbounded decompression can lead to a Denial...

7.5CVSS5.8AI score0.00358EPSS
Exploits1References6
Circl
Circl
added last week8 views

CVE-2026-59939

creationtimestamp| type| source ---|---|--- 2026-07-09 16:00:46+00:00| seen| https://www.acn.gov.it/portale/w/httplib2-poc-pubblico-per-lo-sfruttamento-della-cve-2026-59939 2026-07-10 01:00:48+00:00| seen|...

7.5CVSS5.9AI score0.00358EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-59939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with...

7.5CVSS6.1AI score0.00358EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/07/08 7:34 p.m.31 views

CVE-2026-59939 httplib2: Decompression Bomb Denial of Service via Unbounded gzip/deflate Response Handling

httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small...

7.5CVSS0.00358EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/07/08 7:34 p.m.13 views

CVE-2026-59939

httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small...

7.5CVSS6AI score0.00358EPSS
Exploits1
CVE
CVE
added 2026/07/08 7:34 p.m.9 views

CVE-2026-59939

The CVE-2026-59939 affects the Python httplib2 library prior to 0.32.0. The root cause is unbounded decompression of HTTP response bodies encoded with gzip or deflate in _decompressContent, allowing a malicious server to send a small compressed payload that expands to very large in-memory size, l...

7.5CVSS6AI score0.00358EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-56548

Name of the Vulnerable Software and Affected Versions httplib2 versions prior to 0.32.0 Description An issue exists where the library performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate within the decompressContent function in httplib2/init.py. ...

7.5CVSS6.1AI score0.00358EPSS
Exploits1References18
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in python-httplib2

In httplib2 before version 0.18.0, an attacker who controlled unescaped parts of the URI for httplib2.Http.request could alter request headers and the request body, and send additional hidden requests to the same server. This vulnerability affects software that uses httplib2 with URIs constructed...

6.8CVSS6.4AI score0.02593EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in python-httplib2

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server that responded with a long series of "\xa0" characters in the “www-authenticate” header could cause a Denial of Service attack, resulting in excessive CPU usage during header parsing ...

7.5CVSS7AI score0.03876EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-httplib2 (UTSA-2026-017469)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017469 advisory. httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of \xa0 characters ...

7.5CVSS7.1AI score0.03876EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2014-0021

Malware in sbrugna...

2.6CVSS6.1AI score0.01324EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-0085

Malware in sbrugna...

6.8CVSS6.5AI score0.02593EPSS
Exploits0References30
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-0098

Malware in sbrugna...

7.5CVSS7.6AI score0.03876EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2025/09/30 12:0 a.m.6 views

NewStart CGSL MAIN 6.06 : python-httplib2 Vulnerability (NS-SA-2025-0206)

The remote NewStart CGSL host, running version MAIN 6.06, has python-httplib2 packages installed that are affected by a vulnerability: - httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Na...

2.6CVSS5.8AI score0.01324EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/10 2:56 a.m.5 views

Malicious code in google-auth-httplib2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e57c6a4e7ad5efe49fa44cffce46a4872792f3f1225d726be0b6a6c3d5ed156 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-21240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of \xa0...

7.5CVSS7.5AI score0.03876EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-11078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additiona...

6.8CVSS6.6AI score0.02593EPSS
Exploits0References3
OSV
OSV
added 2024/09/18 4:28 a.m.16 views

RHSA-2021:2116 Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.6 (python-httplib2) security update

Bulletin has no description...

7.5CVSS6.7AI score0.03876EPSS
Exploits1References13
OSV
OSV
added 2024/07/12 12:0 a.m.13 views

OPENSUSE-SU-2024:14141-1 python310-httplib2-0.22.0-4.5 on GA media

These are all security issues fixed in the python310-httplib2-0.22.0-4.5 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.9AI score0.03876EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/07/10 12:0 a.m.20 views

openSUSE Security Advisory (SUSE-SU-2024:1639-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.3AI score0.01034EPSS
Exploits0References16
Rows per page
Query Builder