7 matches found

OSV
added 2026/03/10 6:54 p.m., 3 views

SUSE-SU-2026:20665-1 Security update for python311

This update for python311 fixes the following issues:

- CVE-2025-11468: preserving parens when folding comments in email headers. bsc1257029
- CVE-2026-0672: rejects control characters in http cookies. bsc1257031
- CVE-2026-0865: rejecting control characters in wsgiref.headers.Headers, which coul...

6.3 CVSS, 5.8 AI score, 0.00205 EPSS
Exploits: 1, References: 15
OSV
added 2026/01/26 12:0 a.m., 3 views

ALSA-2026:1239 Important: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: urllib3: urllib3: Unbounded decompression chain leads to resource...

8.9 CVSS, 7.5 AI score, 0.00019 EPSS
Exploits: 0, References: 8
OSV
added 2026/01/23 12:24 p.m., 6 views

OESA-2026-1235 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious...

8.9 CVSS, 5.5 AI score, 0.00019 EPSS
Exploits: 0, References: 2
SUSE CVE
added 2023/02/15 3:48 a.m., 1 views

SUSE CVE-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sen...

4 CVSS, 9.3 AI score, 0.00653 EPSS
Exploits: 1, References: 43
Tenable Nessus
added 2019/07/15 12:0 a.m., 31 views

Debian DLA-1852-1 : python3.4 security update

The urllib library in Python ships support for a second, not well known URL scheme for accessing local files 'localfile://'. This scheme can be used to circumvent protections that try to block local file access and only block the well-known 'file://' schema. This update addresses the vulnerabilit...

9.1 CVSS, 6.7 AI score, 0.00918 EPSS
Exploits: 1, References: 4
Check Point Advisories
added 2019/03/19 12:0 a.m., 3 views

Python Project urllib CRLF Injection (CVE-2019-9740)

A CRLF injection vulnerability exists in Python Project urllib library. Successful exploitation could allow attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks...

4.3 CVSS, 2.9 AI score, 0.0991 EPSS
Exploits: 1
OSV
added 2014/12/12 11:59 a.m., 0 views

UBUNTU-CVE-2014-9365

The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject'...

5.8 CVSS, 6.8 AI score, 0.02758 EPSS
Exploits: 1, References: 3