Debian: Security Advisory (DSA-6102-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 6102-1] python-urllib3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6102-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 17, 2026 https://www.debian.org/security/faq -...

DSA-6102-1 python-urllib3 - security update

Bulletin has no description...

Debian dsa-6102 : python3-urllib3 - security update

The remote Debian 12 / 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6102 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6102-1 [email protected]...

Critical Photon OS Security Update - PHSA-2026-5.0-0741

Updates of 'linux-esx', 'linux', 'python3-urllib3' packages of Photon OS have been released...

MiracleLinux 7 : python-urllib3-1.10.2-7.el7 (AXSA:2019-4182:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4182:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python-urllib3: CRLF injection...

Ubuntu: Security Advisory (USN-7955-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7927-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7927-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2026:10049-1 python311-urllib3-2.6.3-1.1 on GA media

These are all security issues fixed in the python311-urllib3-2.6.3-1.1 package on the GA media of openSUSE Tumbleweed...

USN-7955-1 python-urllib3 vulnerability

It was discovered that urllib3 incorrectly handled decompression during HTTP redirects. An attacker could possibly use this issue to cause urllib3 to use excessive resources, causing a denial of service...

ROOT-OS-DEBIAN-12-CVE-2026-21441 CVE-2026-21441 in rootio-python-urllib3 - Patched by Root

Root has patched CVE-2026-21441 in the rootio-python-urllib3 package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2025-66418 CVE-2025-66418 in rootio-python-urllib3 - Patched by Root

Root has patched CVE-2025-66418 in the rootio-python-urllib3 package for Root:Debian:12. Multiple fixed versions available...

Fedora: Security Advisory (FEDORA-2026-724d1b1044)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : python-urllib3 (2026-724d1b1044)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-724d1b1044 advisory. 2.6.3 2026-01-07 - Fixed a high-severity security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were...

OPENSUSE-SU-2026:10026-1 python311-urllib3-2.6.2-1.1 on GA media

These are all security issues fixed in the python311-urllib3-2.6.2-1.1 package on the GA media of openSUSE Tumbleweed...

AZL-73730 CVE-2026-21441 affecting package python-urllib3 for versions less than 2.0.7-4

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

Critical Photon OS Security Update - PHSA-2026-4.0-0938

Updates of 'sssd', 'gst-plugins-bad', 'capstone', 'python3-urllib3' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2026-5.0-0726

Updates of 'sssd', 'net-snmp', 'python3-urllib3' packages of Photon OS have been released...

Medium: python-urllib3

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage an...