Lucene search
K

10 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 12:53 p.m.8 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 10:51 a.m.6 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 10:47 a.m.5 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References5
OSV
OSV
added 2026/06/23 12:0 a.m.3 views

ALSA-2026:28158 Important: python-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.9CVSS6.2AI score0.0068EPSS
Exploits0References6
OSV
OSV
added 2026/06/23 12:0 a.m.4 views

ALSA-2026:28157 Important: python3.14-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.9CVSS6.2AI score0.0068EPSS
Exploits0References6
Ubuntu
Ubuntu
added 2026/06/03 1:50 p.m.10 views

USN-8379-1: urllib3 vulnerabilities

It was discovered that urllib3 incorrectly handled cross-origin redirects in ProxyManager. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2026-44431 It was discovered that urllib3 incorrectly handled decompression of specially crafted responses. A remote...

8.9CVSS5.5AI score0.0068EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/02 7:8 p.m.8 views

CVE-2026-48594

Improper Handling of Highly Compressed Data Data Amplification vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodies. When Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression is included in a Tesla middleware pipeline, HTTP...

8.2CVSS5.8AI score0.00329EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/13 4:16 p.m.9 views

PYSEC-2026-142

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during the second HTTPResponse.readamt=N call when the response was decompressed using the official Brotli library or 2 when...

7.5CVSS5.8AI score0.0068EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/13 4:16 p.m.11 views

CVE-2026-44432

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during the second HTTPResponse.readamt=N call when the response was decompressed using the official Brotli library or 2 when...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 3:17 p.m.13 views

CVE-2026-44432

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion 1 during the second HTTPResponse.readamt=N call when the response was decompressed using the official Brotli library or 2 when...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder