19 matches found
ROOT-APP-PYPI-CVE-2025-66418 CVE-2025-66418 in rootio-urllib3 - Patched by Root
Root has patched CVE-2025-66418 in the rootio-urllib3 package for Root:PyPI. Multiple fixed versions available...
EulerOS Virtualization 2.12.1 : python-urllib3 (EulerOS-SA-2026-1459)
According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links ...
Security Bulletin: IBM Maximo Application Suite uses pyasn1-0.6.1, protobuf-6.33.4-cp39-abi3-manylinux2014_x86_64, urllib3-2.5.0-py3-none-any, database/sql 1.24.4 and weasyprint-67.0-py3-none-any.
Summary Security Bulletin: IBM Maximo Application Suite uses pyasn1-0.6.1, protobuf-6.33.4-cp39-abi3-manylinux2014x8664, urllib3-2.5.0-py3-none-any, database/sql 1.24.4 and weasyprint-67.0-py3-none-any which is vulnerable to CVE-2026-23490, CVE-2026-0994, CVE-2025-66418, CVE-2025-66471,...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-urllib3 (SUSE-SU-2026:0367-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0367-1 advisory. - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in...
RHEL 8 : fence-agents (RHSA-2026:1702)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1702 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...
Fedora: Security Advisory (FEDORA-2026-8b7270b473)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2026-1253 python-pip security update
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...
Security Bulletin: Location Service for ESRI Component uses urllib3-2.5.0 and werkzeug-3.1.3 library which were vulnerable to CVE-2025-66418, CVE-2025-66471 and CVE-2025-66221 respectively
Summary Location Service for ESRI Component uses urllib3-2.5.0 and werkzeug-3.1.3 library which were vulnerable to CVE-2025-66418, CVE-2025-66471 and CVE-2025-66221 respectively. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python...
Important: Red Hat Security Advisory: python-s3transfer security update
An update for python-s3transfer is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 9 : fence-agents (RHSA-2026:1332)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1332 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...
Oracle Linux 9 : python3.11-urllib3 (ELSA-2026-1089)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-1089 advisory. - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 Tenable has extracted the preceding description block directly from the Oracle Linu...
python3.12-urllib3 security update
1.26.19-1.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139403...
python-urllib3 security update
1.26.5-6.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139401...
CVE-2025-66418 affecting package python-urllib3 for versions less than 1.26.19-3
CVE-2025-66418 affecting package python-urllib3 for versions less than 1.26.19-3. A patched version of the package is available...
Medium: python-pip
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage an...
BELL-CVE-2025-66418
Bulletin has no description...
CVE-2025-66418 vulnerabilities
Vulnerabilities for packages: airflow, py3-urllib3, kubeflow-jupyter-web-app, az, pypy-3.10, kubeflow-pipelines, datadog-agent, ggshield, jwt-tool, tensorflow-cpu-jupyter, dask-kubernetes, jupyter-base-notebook, kubeflow-pipelines-visualization-server, dask-gateway, kubeflow-katib, open-webui,...
CVE-2025-66418
creationtimestamp| type| source ---|---|--- 2025-12-05 17:51:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7b2g26hzo2s 2025-12-05 17:54:47+00:00| seen| https://seclists.org/oss-sec/2025/q4/250 2025-12-05 19:12:43+00:00| seen|...