Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.18 views

SUSE SLES16 : Recommended update for python-urllib3 (SUSE-SU-SUSE-RU-2026:21430-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2026:21430-1 advisory. This update for python-urllib3 fixes the following issue: - Fix regression in CVE-2025-66471.patch bsc1254867 Tenable has extracted...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References4
OSV
OSV
added 2026/04/29 2:13 p.m.7 views

SUSE-RU-2026:21397-1 Recommended update for python-urllib3

This update for python-urllib3 fixes the following issue: - Fix regression in CVE-2025-66471.patch bsc1254867...

8.9CVSS6.7AI score0.00633EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.3 views

EulerOS Virtualization 2.12.1 : python-urllib3 (EulerOS-SA-2026-1459)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links ...

8.9CVSS6.7AI score0.02667EPSS
Exploits1References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/03 6:49 a.m.7 views

Security Bulletin: IBM Maximo Application Suite uses pyasn1-0.6.1, protobuf-6.33.4-cp39-abi3-manylinux2014_x86_64, urllib3-2.5.0-py3-none-any, database/sql 1.24.4 and weasyprint-67.0-py3-none-any.

Summary Security Bulletin: IBM Maximo Application Suite uses pyasn1-0.6.1, protobuf-6.33.4-cp39-abi3-manylinux2014x8664, urllib3-2.5.0-py3-none-any, database/sql 1.24.4 and weasyprint-67.0-py3-none-any which is vulnerable to CVE-2026-23490, CVE-2026-0994, CVE-2025-66418, CVE-2025-66471,...

8.9CVSS6AI score0.00679EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.7 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-urllib3 (SUSE-SU-2026:0367-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0367-1 advisory. - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in...

8.9CVSS5.5AI score0.00633EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.1 views

Fedora: Security Advisory (FEDORA-2026-8b7270b473)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.9CVSS7.4AI score0.02667EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/29 2:37 p.m.10 views

Security Bulletin: Location Service for ESRI Component uses urllib3-2.5.0 and werkzeug-3.1.3 library which were vulnerable to CVE-2025-66418, CVE-2025-66471 and CVE-2025-66221 respectively

Summary Location Service for ESRI Component uses urllib3-2.5.0 and werkzeug-3.1.3 library which were vulnerable to CVE-2025-66418, CVE-2025-66471 and CVE-2025-66221 respectively. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python...

8.9CVSS6AI score0.00633EPSS
Exploits0Affected Software1
Oracle linux
Oracle linux
added 2026/01/26 12:0 a.m.9 views

python-urllib3 security update

1.26.5-6.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139401...

8.9CVSS7.2AI score0.02667EPSS
Exploits0
Oracle linux
Oracle linux
added 2026/01/26 12:0 a.m.6 views

python3.12-urllib3 security update

1.26.19-1.1 - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 - Security fix for CVE-2026-21441 Resolves: RHEL-139403...

8.9CVSS5.9AI score0.02667EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/26 12:0 a.m.7 views

Oracle Linux 9 : python3.11-urllib3 (ELSA-2026-1089)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-1089 advisory. - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 Tenable has extracted the preceding description block directly from the Oracle Linu...

8.9CVSS7.2AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-66471)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-66471 advisory. - urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior t...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References1
Amazon
Amazon
added 2026/01/21 12:0 a.m.6 views

Medium: python-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage an...

8.9CVSS7.5AI score0.00633EPSS
Exploits0
Chainguard
Chainguard
added 2025/12/09 1:28 a.m.5 views

CVE-2025-66471 vulnerabilities

Vulnerabilities for packages: py3-pip, dask-kubernetes, py3.13-scanner-test-libraries, ggshield, pypy-3.11, emissary, ansible-operator-fips, confluent-docker-utils, azure-functions-host, datadog-agent, mlflow, nvidia-nsight-compute-13.2, spamcheck, kubeflow-jupyter-web-app, py3-urllib3, graalvm,...

8.9CVSS6.7AI score0.00633EPSS
Exploits0
Wolfi
Wolfi
added 2025/12/08 7:48 p.m.8 views

CVE-2025-66471 vulnerabilities

Vulnerabilities for packages: emissary, open-webui, dask-kubernetes, tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server, dask-gateway, airflow, pypy-3.11, ggshield, py3-cassandra-medusa, semgrep, py3-pipenv, kubeflow-volumes-web-app, az, superset, confluent-docker-utils,...

8.9CVSS6.7AI score0.00633EPSS
Exploits0
Circl
Circl
added 2025/12/05 5:54 p.m.8 views

CVE-2025-66471

creationtimestamp| type| source ---|---|--- 2025-12-05 17:54:47+00:00| seen| https://seclists.org/oss-sec/2025/q4/250 2025-12-05 19:12:43+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m7b6xhddwo2s 2025-12-05 19:13:24+00:00| seen|...

8.9CVSS6.5AI score0.00633EPSS
Exploits0References14
NVD
NVD
added 2025/12/05 5:16 p.m.10 views

CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

8.9CVSS0.00633EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/12/05 4:6 p.m.5 views

CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

8.9CVSS7.4AI score0.00633EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/12/05 4:6 p.m.3 views

CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

8.9CVSS6.8AI score0.00633EPSS
Exploits0
Rows per page
Query Builder