Important: python3.11-pip

Issue Overview: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression...

Important: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

OPENSUSE-SU-2026:20088-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2026-21441: Fixed excessive resource consumption during decompression of data in HTTP redirect responses bsc1256331...

python311-urllib3-2.6.3-1.1 on GA media (moderate)

python311-urllib3-2.6.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10049-1 Rating: moderate Cross-References: CVE-2026-21441 CVSS scores: CVE-2026-21441 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-21441 SUSE : 2.3...

CVE-2025-66418

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory...

Security update for python-urllib3

This update for python-urllib3 fixes the following issues: CVE-2025-50181: Pool managers now properly control redirects when retries is passed. bsc1244925 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Ubuntu: Security Advisory (USN-7599-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2025-1209)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2025-1220)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RLSA-2024:5309 Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 For more details about the security issues, including the impact, a...

RLSA-2024:11238 Moderate: python3.11-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 For more details about the security issues, including the...

python-urllib3 bug fix and enhancement update

An update is available for python-urllib3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

Advisory ROSA-SA-2025-2746

Software: python3x-urllib3 1.25.10 OS: ROSA Virtualization 3.0 packageevrstring: python3x-urllib3-1.25.10-5.rv30 CVE-ID: CVE-2021-33503 BDU-ID: 2022-00586 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP client for Python urllib3 is related to uncontrolled resource consumption. Exploitation ...

Security update for SUSE Manager Client Tools and Salt Bundle

This update for SUSE Manager Client Tools and Salt Bundle the following issues: uyuni-tools: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent...

OESA-2024-2037 python-urllib3 security update

Sanity-friendly HTTP client for Python Security Fixes: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without usi...

python-urllib3 security update

1.24.2-8 - Security fix for CVE-2024-37891 Resolves: RHEL-45334...

Fedora 39 : mingw-python-urllib3 (2024-73f181db2a)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-73f181db2a advisory. Update to 1.26.19, fixes CVE-2024-0444. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:6158)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6158 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

SUSE-SU-2023:4352-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response bsc1216377. - CVE-2018-25091: Fixed a potential leak of the Authorization header during a cross-origin redirect bsc1216275. - CVE-2023-43804:...

CVE-2023-45803

CVE-2023-45803 affects the Python urllib3 library. The issue arises when handling HTTP redirects (301/302/303) after a request’s method changes from something that can carry a body (e.g., POST) to GET, where urllib3 previously did not remove the HTTP request body. This could allow leakage of sens...