Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/urllib3@2.6.0
Typepypi
Namespace
Nameurllib3
Version2.6.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.6.3
Latest_non_vulnerable_version2.6.3
Affected_by_vulnerabilities
0
url VCID-kjka-a931-uygj
vulnerability_id VCID-kjka-a931-uygj
summary 
Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)
### Impact

urllib3's [streaming API](https://urllib3.readthedocs.io/en/2.6.2/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.

urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption.

However, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client (high CPU usage and large memory allocations for decompressed data; CWE-409).

### Affected usages

Applications and libraries using urllib3 version 2.6.2 and earlier to stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects.


### Remediation

Upgrade to at least urllib3 v2.6.3 in which the library does not decode content of redirect responses when `preload_content=False`.

If upgrading is not immediately possible, disable [redirects](https://urllib3.readthedocs.io/en/2.6.2/user-guide.html#retrying-requests) by setting `redirect=False` for requests to untrusted source.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21441.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21441.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-21441
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-16T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07602
published_at 2026-04-13T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07616
published_at 2026-04-12T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07629
published_at 2026-04-11T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0761
published_at 2026-04-08T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07535
published_at 2026-04-02T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07575
published_at 2026-04-04T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07552
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-21441
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21441
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21441
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:08:04Z/
url https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b
6
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:08:04Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
7
reference_url https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-21441
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-21441
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125062
reference_id 1125062
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125062
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427726
reference_id 2427726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427726
11
reference_url https://github.com/advisories/GHSA-38jv-5279-wg99
reference_id GHSA-38jv-5279-wg99
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-38jv-5279-wg99
12
reference_url https://access.redhat.com/errata/RHSA-2026:0981
reference_id RHSA-2026:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0981
13
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
14
reference_url https://access.redhat.com/errata/RHSA-2026:1038
reference_id RHSA-2026:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1038
15
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
16
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
17
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
18
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
19
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
20
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
21
reference_url https://access.redhat.com/errata/RHSA-2026:1166
reference_id RHSA-2026:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1166
22
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
23
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
24
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
25
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
26
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
27
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
28
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
29
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
30
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
31
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
32
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
33
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
34
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
35
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
36
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
37
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
38
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
39
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
40
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
41
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
42
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
43
reference_url https://access.redhat.com/errata/RHSA-2026:1706
reference_id RHSA-2026:1706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1706
44
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
45
reference_url https://access.redhat.com/errata/RHSA-2026:1717
reference_id RHSA-2026:1717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1717
46
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
47
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
48
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
49
reference_url https://access.redhat.com/errata/RHSA-2026:1734
reference_id RHSA-2026:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1734
50
reference_url https://access.redhat.com/errata/RHSA-2026:1735
reference_id RHSA-2026:1735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1735
51
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
52
reference_url https://access.redhat.com/errata/RHSA-2026:1791
reference_id RHSA-2026:1791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1791
53
reference_url https://access.redhat.com/errata/RHSA-2026:1792
reference_id RHSA-2026:1792
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1792
54
reference_url https://access.redhat.com/errata/RHSA-2026:1793
reference_id RHSA-2026:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1793
55
reference_url https://access.redhat.com/errata/RHSA-2026:1794
reference_id RHSA-2026:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1794
56
reference_url https://access.redhat.com/errata/RHSA-2026:1803
reference_id RHSA-2026:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1803
57
reference_url https://access.redhat.com/errata/RHSA-2026:1805
reference_id RHSA-2026:1805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1805
58
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
59
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
60
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
61
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
62
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
63
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
64
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
65
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
66
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
67
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
68
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
69
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
70
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
71
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
72
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
73
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
74
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
75
reference_url https://access.redhat.com/errata/RHSA-2026:2760
reference_id RHSA-2026:2760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2760
76
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
77
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
78
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
79
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
80
reference_url https://access.redhat.com/errata/RHSA-2026:2911
reference_id RHSA-2026:2911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2911
81
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
82
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
83
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
84
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
85
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
86
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
87
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
88
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
89
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
90
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
91
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
92
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
93
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
94
reference_url https://access.redhat.com/errata/RHSA-2026:3884
reference_id RHSA-2026:3884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3884
95
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
96
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
97
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
98
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
99
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
100
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
101
reference_url https://access.redhat.com/errata/RHSA-2026:5459
reference_id RHSA-2026:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5459
102
reference_url https://access.redhat.com/errata/RHSA-2026:6287
reference_id RHSA-2026:6287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6287
103
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
104
reference_url https://access.redhat.com/errata/RHSA-2026:8151
reference_id RHSA-2026:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8151
105
reference_url https://usn.ubuntu.com/7955-1/
reference_id USN-7955-1
reference_type
scores
url https://usn.ubuntu.com/7955-1/
106
reference_url https://usn.ubuntu.com/7955-2/
reference_id USN-7955-2
reference_type
scores
url https://usn.ubuntu.com/7955-2/
107
reference_url https://usn.ubuntu.com/8010-1/
reference_id USN-8010-1
reference_type
scores
url https://usn.ubuntu.com/8010-1/
fixed_packages
0
url pkg:pypi/urllib3@2.6.3
purl pkg:pypi/urllib3@2.6.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@2.6.3
aliases CVE-2026-21441, GHSA-38jv-5279-wg99
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjka-a931-uygj
Fixing_vulnerabilities
0
url VCID-v365-pn8r-e7dh
vulnerability_id VCID-v365-pn8r-e7dh
summary 
urllib3 allows an unbounded number of links in the decompression chain
urllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 (e.g., `Content-Encoding: gzip, zstd`).

However, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66418.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66418.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66418
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08088
published_at 2026-04-02T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08131
published_at 2026-04-04T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09734
published_at 2026-04-12T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.09767
published_at 2026-04-11T12:55:00Z
4
value 0.00033
scoring_system epss
scoring_elements 0.09755
published_at 2026-04-09T12:55:00Z
5
value 0.00033
scoring_system epss
scoring_elements 0.09706
published_at 2026-04-08T12:55:00Z
6
value 0.00033
scoring_system epss
scoring_elements 0.09635
published_at 2026-04-07T12:55:00Z
7
value 0.00033
scoring_system epss
scoring_elements 0.09606
published_at 2026-04-16T12:55:00Z
8
value 0.00033
scoring_system epss
scoring_elements 0.09718
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66418
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66418
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-05T16:15:39Z/
url https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122030
reference_id 1122030
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122030
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2419455
reference_id 2419455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2419455
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66418
reference_id CVE-2025-66418
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66418
9
reference_url https://github.com/advisories/GHSA-gm62-xv2j-4w53
reference_id GHSA-gm62-xv2j-4w53
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gm62-xv2j-4w53
10
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53
reference_id GHSA-gm62-xv2j-4w53
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-05T16:15:39Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53
11
reference_url https://access.redhat.com/errata/RHSA-2026:0050
reference_id RHSA-2026:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0050
12
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
13
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
14
reference_url https://access.redhat.com/errata/RHSA-2026:1026
reference_id RHSA-2026:1026
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1026
15
reference_url https://access.redhat.com/errata/RHSA-2026:1027
reference_id RHSA-2026:1027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1027
16
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
17
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
18
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
19
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
20
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
21
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
22
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
23
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
24
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
25
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
26
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
27
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
28
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
29
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
30
reference_url https://access.redhat.com/errata/RHSA-2026:1329
reference_id RHSA-2026:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1329
31
reference_url https://access.redhat.com/errata/RHSA-2026:1330
reference_id RHSA-2026:1330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1330
32
reference_url https://access.redhat.com/errata/RHSA-2026:1331
reference_id RHSA-2026:1331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1331
33
reference_url https://access.redhat.com/errata/RHSA-2026:1332
reference_id RHSA-2026:1332
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1332
34
reference_url https://access.redhat.com/errata/RHSA-2026:1336
reference_id RHSA-2026:1336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1336
35
reference_url https://access.redhat.com/errata/RHSA-2026:1337
reference_id RHSA-2026:1337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1337
36
reference_url https://access.redhat.com/errata/RHSA-2026:1338
reference_id RHSA-2026:1338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1338
37
reference_url https://access.redhat.com/errata/RHSA-2026:1339
reference_id RHSA-2026:1339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1339
38
reference_url https://access.redhat.com/errata/RHSA-2026:1340
reference_id RHSA-2026:1340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1340
39
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
40
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
41
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
42
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
43
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
44
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
45
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
46
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
47
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
48
reference_url https://access.redhat.com/errata/RHSA-2026:1701
reference_id RHSA-2026:1701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1701
49
reference_url https://access.redhat.com/errata/RHSA-2026:1702
reference_id RHSA-2026:1702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1702
50
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
51
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
52
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
53
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
54
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
55
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
56
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
57
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
58
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
59
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
60
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
61
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
62
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
63
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
64
reference_url https://access.redhat.com/errata/RHSA-2026:2279
reference_id RHSA-2026:2279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2279
65
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
66
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
67
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
68
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
69
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
70
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
71
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
72
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
73
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
74
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
75
reference_url https://access.redhat.com/errata/RHSA-2026:2754
reference_id RHSA-2026:2754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2754
76
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
77
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
78
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
79
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
80
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
81
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
82
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
83
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
84
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
85
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
86
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
87
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
88
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
89
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
90
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
91
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
92
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
93
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
94
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
95
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
96
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
97
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
98
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
99
reference_url https://access.redhat.com/errata/RHSA-2026:5807
reference_id RHSA-2026:5807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5807
100
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
101
reference_url https://usn.ubuntu.com/7927-1/
reference_id USN-7927-1
reference_type
scores
url https://usn.ubuntu.com/7927-1/
102
reference_url https://usn.ubuntu.com/8010-1/
reference_id USN-8010-1
reference_type
scores
url https://usn.ubuntu.com/8010-1/
fixed_packages
0
url pkg:pypi/urllib3@2.6.0
purl pkg:pypi/urllib3@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kjka-a931-uygj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@2.6.0
aliases CVE-2025-66418, GHSA-gm62-xv2j-4w53
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v365-pn8r-e7dh
1
url VCID-zevs-1ge5-y7g7
vulnerability_id VCID-zevs-1ge5-y7g7
summary 
urllib3 streaming API improperly handles highly compressed data
urllib3's [streaming API](https://urllib3.readthedocs.io/en/2.5.0/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.

When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation.

The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66471.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66471
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.0744
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07482
published_at 2026-04-04T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.08998
published_at 2026-04-12T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09034
published_at 2026-04-11T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.09002
published_at 2026-04-08T12:55:00Z
5
value 0.00031
scoring_system epss
scoring_elements 0.08924
published_at 2026-04-07T12:55:00Z
6
value 0.00031
scoring_system epss
scoring_elements 0.08877
published_at 2026-04-16T12:55:00Z
7
value 0.00031
scoring_system epss
scoring_elements 0.08985
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66471
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66471
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T19:32:57Z/
url https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122029
reference_id 1122029
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122029
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2419467
reference_id 2419467
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2419467
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66471
reference_id CVE-2025-66471
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66471
9
reference_url https://github.com/advisories/GHSA-2xpw-w6gg-jr37
reference_id GHSA-2xpw-w6gg-jr37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2xpw-w6gg-jr37
10
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37
reference_id GHSA-2xpw-w6gg-jr37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T19:32:57Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37
11
reference_url https://access.redhat.com/errata/RHSA-2026:0981
reference_id RHSA-2026:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0981
12
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
13
reference_url https://access.redhat.com/errata/RHSA-2026:1038
reference_id RHSA-2026:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1038
14
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
15
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
16
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
17
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
18
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
19
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
20
reference_url https://access.redhat.com/errata/RHSA-2026:1166
reference_id RHSA-2026:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1166
21
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
22
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
23
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
24
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
25
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
26
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
27
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
28
reference_url https://access.redhat.com/errata/RHSA-2026:1249
reference_id RHSA-2026:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1249
29
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
30
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
31
reference_url https://access.redhat.com/errata/RHSA-2026:1497
reference_id RHSA-2026:1497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1497
32
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
33
reference_url https://access.redhat.com/errata/RHSA-2026:1506
reference_id RHSA-2026:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1506
34
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
35
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
36
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
37
reference_url https://access.redhat.com/errata/RHSA-2026:1600
reference_id RHSA-2026:1600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1600
38
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
39
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
40
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
41
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
42
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
43
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
44
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
45
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
46
reference_url https://access.redhat.com/errata/RHSA-2026:1706
reference_id RHSA-2026:1706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1706
47
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
48
reference_url https://access.redhat.com/errata/RHSA-2026:1717
reference_id RHSA-2026:1717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1717
49
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
50
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
51
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
52
reference_url https://access.redhat.com/errata/RHSA-2026:1734
reference_id RHSA-2026:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1734
53
reference_url https://access.redhat.com/errata/RHSA-2026:1735
reference_id RHSA-2026:1735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1735
54
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
55
reference_url https://access.redhat.com/errata/RHSA-2026:1791
reference_id RHSA-2026:1791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1791
56
reference_url https://access.redhat.com/errata/RHSA-2026:1792
reference_id RHSA-2026:1792
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1792
57
reference_url https://access.redhat.com/errata/RHSA-2026:1793
reference_id RHSA-2026:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1793
58
reference_url https://access.redhat.com/errata/RHSA-2026:1794
reference_id RHSA-2026:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1794
59
reference_url https://access.redhat.com/errata/RHSA-2026:1795
reference_id RHSA-2026:1795
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1795
60
reference_url https://access.redhat.com/errata/RHSA-2026:1803
reference_id RHSA-2026:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1803
61
reference_url https://access.redhat.com/errata/RHSA-2026:1805
reference_id RHSA-2026:1805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1805
62
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
63
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
64
reference_url https://access.redhat.com/errata/RHSA-2026:2060
reference_id RHSA-2026:2060
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2060
65
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
66
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
67
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
68
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
69
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
70
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
71
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
72
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
73
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
74
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
75
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
76
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
77
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
78
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
79
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
80
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
81
reference_url https://access.redhat.com/errata/RHSA-2026:2760
reference_id RHSA-2026:2760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2760
82
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
83
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
84
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
85
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
86
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
87
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
88
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
89
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
90
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
91
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
92
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
93
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
94
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
95
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
96
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
97
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
98
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
99
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
100
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
101
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
102
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
103
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
104
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
105
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
106
reference_url https://access.redhat.com/errata/RHSA-2026:5459
reference_id RHSA-2026:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5459
107
reference_url https://access.redhat.com/errata/RHSA-2026:5549
reference_id RHSA-2026:5549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5549
108
reference_url https://access.redhat.com/errata/RHSA-2026:6055
reference_id RHSA-2026:6055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6055
109
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
110
reference_url https://usn.ubuntu.com/7927-1/
reference_id USN-7927-1
reference_type
scores
url https://usn.ubuntu.com/7927-1/
111
reference_url https://usn.ubuntu.com/7927-2/
reference_id USN-7927-2
reference_type
scores
url https://usn.ubuntu.com/7927-2/
112
reference_url https://usn.ubuntu.com/7927-3/
reference_id USN-7927-3
reference_type
scores
url https://usn.ubuntu.com/7927-3/
fixed_packages
0
url pkg:pypi/urllib3@2.6.0
purl pkg:pypi/urllib3@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kjka-a931-uygj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@2.6.0
aliases CVE-2025-66471, GHSA-2xpw-w6gg-jr37
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zevs-1ge5-y7g7
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/urllib3@2.6.0