Important: Red Hat Security Advisory: python3.12-urllib3 security update

An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

CLSA-2026-1769420040 python2: Fix of CVE-2025-12084

CVE-2025-12084: fix quadratic algorithm in clearidcache dependency, prevent impact on availability of excessively nested documents...

Exploit for CVE-2026-24061

Youtubehttps://youtu.be...

openSUSE 16 Security Update : python-urllib3 (openSUSE-SU-2026:20088-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20088-1 advisory. - CVE-2026-21441: Fixed excessive resource consumption during decompression of data in HTTP redirect responses bsc1256331. Tenable has extracted the...

openSUSE 16 Security Update : python-jaraco.context (openSUSE-SU-2026:20095-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20095-1 advisory. - CVE-2026-23949: Fixed malicious tar archives may lead to path traversal bsc1256954. Tenable has extracted the preceding description block directly fro...

Oracle Linux 8 : python3.11-urllib3 (ELSA-2026-1224)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-1224 advisory. - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 Tenable has extracted the preceding description block directly from the Oracle Linu...

python-urllib3 security update

1.24.2-9 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139410...

python3.12-urllib3 security update

1.26.19-2 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139409...

python3.11-urllib3 security update

1.26.12-6 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-140555, RHEL-139408...

python-urllib3 security update

1.26.5-6.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139401...

python3.12-urllib3 security update

1.26.19-1.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139403...

python3.11-urllib3 security update

1.26.12-5.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-140565, RHEL-139404...

python-urllib3 security update

1.26.19-2.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139387...

PT-2026-4830

Name of the Vulnerable Software and Affected Versions sigstore-python versions prior to 4.2.0 Description sigstore-python is a Python tool used for generating and verifying Sigstore signatures. A flaw exists in the OAuth authentication flow, making it susceptible to Cross-Site Request Forgery. Th...

ALSA-2026:1224 Important: python3.11-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

ALSA-2026:1087 Important: python-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

sigstore-python Cross-Site Request Forgery Vulnerability

sigstore-python is an open-source tool developed by sigstore for generating and verifying Sigstore signatures in Python. Versions of sigstore-python prior to 4.2.0 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the OAuth authentication process’s...