Lucene search
K

2229 matches found

RedHat Linux
RedHat Linux
added 6 days ago8 views

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.2CVSS7AI score0.00527EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added last week4 views

Security Bulletin: QRadar App SDK for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Investigation Assistant App for IBM QRadar App SDK has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2026-39892 DESCRIPTION:...

9.8CVSS6.2AI score0.02667EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/07/06 6:26 a.m.3 views

OESA-2026-2816 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code...

7.5CVSS7.4AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2815 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code...

7.5CVSS6.3AI score0.00304EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2813 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 version 2.6.3 is vulnerable to a decompression bomb bypass in its streaming API preloadcontent=False when using Brotli support. The issue arises due to three independent code...

7.5CVSS7.4AI score0.00304EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 11:9 a.m.6 views

urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...

8.2CVSS6.1AI score0.00527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 11:9 a.m.6 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS6.1AI score0.0068EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/07/01 6:0 a.m.6 views

python3.12-urllib3 security update

An update is available for python3.12-urllib3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

8.9CVSS6.1AI score0.0068EPSS
Exploits0
OSV
OSV
added 2026/07/01 6:0 a.m.4 views

RLSA-2026:32992 Important: python3.12-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6.1AI score0.0068EPSS
Exploits0References3
Photon
Photon
added 2026/06/30 12:0 a.m.13 views

Important Photon OS Security Update - PHSA-2026-5.0-0911

Updates of 'rubygem-nokogiri', 'rubygem-faraday', 'python3-urllib3', 'python3-mistune' packages of Photon OS have been released...

6.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 2:12 p.m.7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432

Summary IBM Maximo Application Suite - Visual Inspection component uses urllib3-2.6.3-py3-none-any.whl which is vulnerable to CVE-2026-44431, CVE-2026-44432, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION:...

8.9CVSS6.1AI score0.0068EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/29 12:53 p.m.8 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 12:53 p.m.6 views

urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

A flaw was found in urllib3, an HTTP client library for Python. When using the low-level API via ProxyManager.connectionfromurl.urlopen with assertsamehost=False, cross-origin redirects can still forward sensitive headers. This could allow a remote attacker to gain unauthorized access to sensitiv...

8.2CVSS5.8AI score0.00527EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 12:53 p.m.22 views

Important: Red Hat Security Advisory: python3.12-urllib3 security update

An update for python3.12-urllib3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.9CVSS5.8AI score0.0068EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 12:23 p.m.4 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities (CVE-2026-44431, CVE-2026-44432)

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client...

8.9CVSS6.1AI score0.0068EPSS
Exploits0Affected Software1
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.6 views

python3.12-urllib3 security update

1.26.19-3 - Security fixes for CVE-2026-44431 and CVE-2026-44432 Resolves: RHEL-185125, RHEL-184900...

8.9CVSS6.1AI score0.0068EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 8:1 a.m.3 views

Security Bulletin: There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-44431)

Summary There is a vulnerability in urllib3-2.6.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followe...

8.9CVSS5.8AI score0.0068EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.12 views

Oracle Linux 9 : python3.14-urllib3 (ELSA-2026-28157)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-28157 advisory. - Security fix for CVE-2026-44431 and CVE-2026-44432 Tenable has extracted the preceding description block directly from the Oracle Linux security...

8.9CVSS6.2AI score0.0068EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

AlmaLinux 9 : python3.14-urllib3 (ALSA-2026:28157)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:28157 advisory. urllib3: urllib3: Denial of Service due to excessive HTTP response decompression CVE-2026-44432 urllib3: urllib3: Information disclosure via cross-origin...

8.9CVSS6.2AI score0.0068EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

AlmaLinux 9 : python3.12-urllib3 (ALSA-2026:28159)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:28159 advisory. urllib3: urllib3: Denial of Service due to excessive HTTP response decompression CVE-2026-44432 urllib3: urllib3: Information disclosure via cross-origin...

8.9CVSS6.2AI score0.0068EPSS
Exploits0References4
Rows per page
Query Builder