166 matches found
CVE-2026-59939
A flaw was found in httplib2, a Python HTTP client library. This vulnerability allows a malicious or compromised HTTP server to send a small compressed data payload that, when decompressed by httplib2, expands to an extremely large size in memory. This unbounded decompression can lead to a Denial...
CVE-2026-59939
creationtimestamp| type| source ---|---|--- 2026-07-09 16:00:46+00:00| seen| https://www.acn.gov.it/portale/w/httplib2-poc-pubblico-per-lo-sfruttamento-della-cve-2026-59939 2026-07-10 01:00:48+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2026-59939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with...
CVE-2026-59939 httplib2: Decompression Bomb Denial of Service via Unbounded gzip/deflate Response Handling
httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small...
CVE-2026-59939
httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small...
CVE-2026-59939
The CVE-2026-59939 affects the Python httplib2 library prior to 0.32.0. The root cause is unbounded decompression of HTTP response bodies encoded with gzip or deflate in _decompressContent, allowing a malicious server to send a small compressed payload that expands to very large in-memory size, l...
PT-2026-56548
Name of the Vulnerable Software and Affected Versions httplib2 versions prior to 0.32.0 Description An issue exists where the library performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate within the decompressContent function in httplib2/init.py. ...
Astra Linux – Vulnerability in python-httplib2
In httplib2 before version 0.18.0, an attacker who controlled unescaped parts of the URI for httplib2.Http.request could alter request headers and the request body, and send additional hidden requests to the same server. This vulnerability affects software that uses httplib2 with URIs constructed...
Astra Linux – Vulnerability in python-httplib2
httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server that responded with a long series of "\xa0" characters in the “www-authenticate” header could cause a Denial of Service attack, resulting in excessive CPU usage during header parsing ...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-httplib2 (UTSA-2026-017469)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017469 advisory. httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of \xa0 characters ...
EUVD-2014-0021
Malware in sbrugna...
EUVD-2020-0085
Malware in sbrugna...
EUVD-2021-0098
Malware in sbrugna...
NewStart CGSL MAIN 6.06 : python-httplib2 Vulnerability (NS-SA-2025-0206)
The remote NewStart CGSL host, running version MAIN 6.06, has python-httplib2 packages installed that are affected by a vulnerability: - httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Na...
Malicious code in google-auth-httplib2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e57c6a4e7ad5efe49fa44cffce46a4872792f3f1225d726be0b6a6c3d5ed156 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Linux Distros Unpatched Vulnerability : CVE-2021-21240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of \xa0...
Linux Distros Unpatched Vulnerability : CVE-2020-11078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additiona...
RHSA-2021:2116 Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.6 (python-httplib2) security update
Bulletin has no description...
OPENSUSE-SU-2024:14141-1 python310-httplib2-0.22.0-4.5 on GA media
These are all security issues fixed in the python310-httplib2-0.22.0-4.5 package on the GA media of openSUSE Tumbleweed...
openSUSE Security Advisory (SUSE-SU-2024:1639-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...