Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/python3.11-urllib3@1.26.12-5.el9_7?arch=1
Typerpm
Namespaceredhat
Namepython3.11-urllib3
Version1.26.12-5.el9_7
Qualifiers
arch 1
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-kjka-a931-uygj
vulnerability_id VCID-kjka-a931-uygj
summary 
Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)
### Impact

urllib3's [streaming API](https://urllib3.readthedocs.io/en/2.6.2/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.

urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption.

However, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client (high CPU usage and large memory allocations for decompressed data; CWE-409).

### Affected usages

Applications and libraries using urllib3 version 2.6.2 and earlier to stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects.


### Remediation

Upgrade to at least urllib3 v2.6.3 in which the library does not decode content of redirect responses when `preload_content=False`.

If upgrading is not immediately possible, disable [redirects](https://urllib3.readthedocs.io/en/2.6.2/user-guide.html#retrying-requests) by setting `redirect=False` for requests to untrusted source.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21441.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21441.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-21441
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07515
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-16T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07602
published_at 2026-04-13T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07616
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07629
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.0761
published_at 2026-04-08T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07552
published_at 2026-04-07T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07575
published_at 2026-04-04T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07535
published_at 2026-04-02T12:55:00Z
9
value 0.0003
scoring_system epss
scoring_elements 0.08719
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-21441
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21441
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21441
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:08:04Z/
url https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b
6
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:08:04Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
7
reference_url https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-21441
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-21441
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125062
reference_id 1125062
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125062
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427726
reference_id 2427726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427726
11
reference_url https://github.com/advisories/GHSA-38jv-5279-wg99
reference_id GHSA-38jv-5279-wg99
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-38jv-5279-wg99
12
reference_url https://access.redhat.com/errata/RHSA-2026:0981
reference_id RHSA-2026:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0981
13
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
14
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
15
reference_url https://access.redhat.com/errata/RHSA-2026:1038
reference_id RHSA-2026:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1038
16
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
17
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
18
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
19
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
20
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
21
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
22
reference_url https://access.redhat.com/errata/RHSA-2026:1166
reference_id RHSA-2026:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1166
23
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
24
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
25
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
26
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
27
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
28
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
29
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
30
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
31
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
32
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
33
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
34
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
35
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
36
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
37
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
38
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
39
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
40
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
41
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
42
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
43
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
44
reference_url https://access.redhat.com/errata/RHSA-2026:1706
reference_id RHSA-2026:1706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1706
45
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
46
reference_url https://access.redhat.com/errata/RHSA-2026:1717
reference_id RHSA-2026:1717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1717
47
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
48
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
49
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
50
reference_url https://access.redhat.com/errata/RHSA-2026:1734
reference_id RHSA-2026:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1734
51
reference_url https://access.redhat.com/errata/RHSA-2026:1735
reference_id RHSA-2026:1735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1735
52
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
53
reference_url https://access.redhat.com/errata/RHSA-2026:1791
reference_id RHSA-2026:1791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1791
54
reference_url https://access.redhat.com/errata/RHSA-2026:1792
reference_id RHSA-2026:1792
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1792
55
reference_url https://access.redhat.com/errata/RHSA-2026:1793
reference_id RHSA-2026:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1793
56
reference_url https://access.redhat.com/errata/RHSA-2026:1794
reference_id RHSA-2026:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1794
57
reference_url https://access.redhat.com/errata/RHSA-2026:1803
reference_id RHSA-2026:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1803
58
reference_url https://access.redhat.com/errata/RHSA-2026:1805
reference_id RHSA-2026:1805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1805
59
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
60
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
61
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
62
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
63
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
64
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
65
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
66
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
67
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
68
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
69
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
70
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
71
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
72
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
73
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
74
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
75
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
76
reference_url https://access.redhat.com/errata/RHSA-2026:2760
reference_id RHSA-2026:2760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2760
77
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
78
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
79
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
80
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
81
reference_url https://access.redhat.com/errata/RHSA-2026:2911
reference_id RHSA-2026:2911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2911
82
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
83
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
84
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
85
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
86
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
87
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
88
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
89
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
90
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
91
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
92
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
93
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
94
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
95
reference_url https://access.redhat.com/errata/RHSA-2026:3884
reference_id RHSA-2026:3884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3884
96
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
97
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
98
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
99
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
100
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
101
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
102
reference_url https://access.redhat.com/errata/RHSA-2026:5459
reference_id RHSA-2026:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5459
103
reference_url https://access.redhat.com/errata/RHSA-2026:6287
reference_id RHSA-2026:6287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6287
104
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
105
reference_url https://access.redhat.com/errata/RHSA-2026:8151
reference_id RHSA-2026:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8151
106
reference_url https://access.redhat.com/errata/RHSA-2026:8500
reference_id RHSA-2026:8500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8500
107
reference_url https://access.redhat.com/errata/RHSA-2026:8501
reference_id RHSA-2026:8501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8501
108
reference_url https://usn.ubuntu.com/7955-1/
reference_id USN-7955-1
reference_type
scores
url https://usn.ubuntu.com/7955-1/
109
reference_url https://usn.ubuntu.com/7955-2/
reference_id USN-7955-2
reference_type
scores
url https://usn.ubuntu.com/7955-2/
110
reference_url https://usn.ubuntu.com/8010-1/
reference_id USN-8010-1
reference_type
scores
url https://usn.ubuntu.com/8010-1/
fixed_packages
aliases CVE-2026-21441, GHSA-38jv-5279-wg99
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjka-a931-uygj
1
url VCID-v365-pn8r-e7dh
vulnerability_id VCID-v365-pn8r-e7dh
summary 
urllib3 allows an unbounded number of links in the decompression chain
urllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 (e.g., `Content-Encoding: gzip, zstd`).

However, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66418.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66418.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66418
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08131
published_at 2026-04-04T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08088
published_at 2026-04-02T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09724
published_at 2026-04-21T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.09635
published_at 2026-04-07T12:55:00Z
4
value 0.00033
scoring_system epss
scoring_elements 0.09706
published_at 2026-04-08T12:55:00Z
5
value 0.00033
scoring_system epss
scoring_elements 0.09755
published_at 2026-04-09T12:55:00Z
6
value 0.00033
scoring_system epss
scoring_elements 0.09767
published_at 2026-04-11T12:55:00Z
7
value 0.00033
scoring_system epss
scoring_elements 0.09734
published_at 2026-04-12T12:55:00Z
8
value 0.00033
scoring_system epss
scoring_elements 0.09718
published_at 2026-04-13T12:55:00Z
9
value 0.00033
scoring_system epss
scoring_elements 0.09606
published_at 2026-04-16T12:55:00Z
10
value 0.00033
scoring_system epss
scoring_elements 0.09577
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66418
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66418
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-05T16:15:39Z/
url https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122030
reference_id 1122030
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122030
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2419455
reference_id 2419455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2419455
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66418
reference_id CVE-2025-66418
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66418
9
reference_url https://github.com/advisories/GHSA-gm62-xv2j-4w53
reference_id GHSA-gm62-xv2j-4w53
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gm62-xv2j-4w53
10
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53
reference_id GHSA-gm62-xv2j-4w53
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-05T16:15:39Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53
11
reference_url https://access.redhat.com/errata/RHSA-2026:0050
reference_id RHSA-2026:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0050
12
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
13
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
14
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
15
reference_url https://access.redhat.com/errata/RHSA-2026:1026
reference_id RHSA-2026:1026
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1026
16
reference_url https://access.redhat.com/errata/RHSA-2026:1027
reference_id RHSA-2026:1027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1027
17
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
18
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
19
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
20
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
21
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
22
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
23
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
24
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
25
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
26
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
27
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
28
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
29
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
30
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
31
reference_url https://access.redhat.com/errata/RHSA-2026:1329
reference_id RHSA-2026:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1329
32
reference_url https://access.redhat.com/errata/RHSA-2026:1330
reference_id RHSA-2026:1330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1330
33
reference_url https://access.redhat.com/errata/RHSA-2026:1331
reference_id RHSA-2026:1331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1331
34
reference_url https://access.redhat.com/errata/RHSA-2026:1332
reference_id RHSA-2026:1332
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1332
35
reference_url https://access.redhat.com/errata/RHSA-2026:1336
reference_id RHSA-2026:1336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1336
36
reference_url https://access.redhat.com/errata/RHSA-2026:1337
reference_id RHSA-2026:1337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1337
37
reference_url https://access.redhat.com/errata/RHSA-2026:1338
reference_id RHSA-2026:1338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1338
38
reference_url https://access.redhat.com/errata/RHSA-2026:1339
reference_id RHSA-2026:1339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1339
39
reference_url https://access.redhat.com/errata/RHSA-2026:1340
reference_id RHSA-2026:1340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1340
40
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
41
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
42
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
43
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
44
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
45
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
46
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
47
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
48
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
49
reference_url https://access.redhat.com/errata/RHSA-2026:1701
reference_id RHSA-2026:1701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1701
50
reference_url https://access.redhat.com/errata/RHSA-2026:1702
reference_id RHSA-2026:1702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1702
51
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
52
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
53
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
54
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
55
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
56
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
57
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
58
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
59
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
60
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
61
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
62
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
63
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
64
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
65
reference_url https://access.redhat.com/errata/RHSA-2026:2279
reference_id RHSA-2026:2279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2279
66
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
67
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
68
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
69
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
70
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
71
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
72
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
73
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
74
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
75
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
76
reference_url https://access.redhat.com/errata/RHSA-2026:2754
reference_id RHSA-2026:2754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2754
77
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
78
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
79
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
80
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
81
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
82
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
83
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
84
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
85
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
86
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
87
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
88
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
89
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
90
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
91
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
92
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
93
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
94
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
95
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
96
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
97
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
98
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
99
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
100
reference_url https://access.redhat.com/errata/RHSA-2026:5807
reference_id RHSA-2026:5807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5807
101
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
102
reference_url https://usn.ubuntu.com/7927-1/
reference_id USN-7927-1
reference_type
scores
url https://usn.ubuntu.com/7927-1/
103
reference_url https://usn.ubuntu.com/8010-1/
reference_id USN-8010-1
reference_type
scores
url https://usn.ubuntu.com/8010-1/
fixed_packages
aliases CVE-2025-66418, GHSA-gm62-xv2j-4w53
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v365-pn8r-e7dh
2
url VCID-zevs-1ge5-y7g7
vulnerability_id VCID-zevs-1ge5-y7g7
summary 
urllib3 streaming API improperly handles highly compressed data
urllib3's [streaming API](https://urllib3.readthedocs.io/en/2.5.0/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.

When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation.

The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66471.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66471
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.0744
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07482
published_at 2026-04-04T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.08985
published_at 2026-04-13T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.08998
published_at 2026-04-21T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.09034
published_at 2026-04-11T12:55:00Z
5
value 0.00031
scoring_system epss
scoring_elements 0.09002
published_at 2026-04-08T12:55:00Z
6
value 0.00031
scoring_system epss
scoring_elements 0.08924
published_at 2026-04-07T12:55:00Z
7
value 0.00031
scoring_system epss
scoring_elements 0.08852
published_at 2026-04-18T12:55:00Z
8
value 0.00031
scoring_system epss
scoring_elements 0.08877
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66471
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66471
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T19:32:57Z/
url https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122029
reference_id 1122029
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122029
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2419467
reference_id 2419467
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2419467
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66471
reference_id CVE-2025-66471
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66471
9
reference_url https://github.com/advisories/GHSA-2xpw-w6gg-jr37
reference_id GHSA-2xpw-w6gg-jr37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2xpw-w6gg-jr37
10
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37
reference_id GHSA-2xpw-w6gg-jr37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T19:32:57Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37
11
reference_url https://access.redhat.com/errata/RHSA-2026:0981
reference_id RHSA-2026:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0981
12
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
13
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
14
reference_url https://access.redhat.com/errata/RHSA-2026:1038
reference_id RHSA-2026:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1038
15
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
16
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
17
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
18
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
19
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
20
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
21
reference_url https://access.redhat.com/errata/RHSA-2026:1166
reference_id RHSA-2026:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1166
22
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
23
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
24
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
25
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
26
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
27
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
28
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
29
reference_url https://access.redhat.com/errata/RHSA-2026:1249
reference_id RHSA-2026:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1249
30
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
31
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
32
reference_url https://access.redhat.com/errata/RHSA-2026:1497
reference_id RHSA-2026:1497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1497
33
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
34
reference_url https://access.redhat.com/errata/RHSA-2026:1506
reference_id RHSA-2026:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1506
35
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
36
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
37
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
38
reference_url https://access.redhat.com/errata/RHSA-2026:1600
reference_id RHSA-2026:1600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1600
39
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
40
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
41
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
42
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
43
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
44
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
45
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
46
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
47
reference_url https://access.redhat.com/errata/RHSA-2026:1706
reference_id RHSA-2026:1706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1706
48
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
49
reference_url https://access.redhat.com/errata/RHSA-2026:1717
reference_id RHSA-2026:1717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1717
50
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
51
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
52
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
53
reference_url https://access.redhat.com/errata/RHSA-2026:1734
reference_id RHSA-2026:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1734
54
reference_url https://access.redhat.com/errata/RHSA-2026:1735
reference_id RHSA-2026:1735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1735
55
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
56
reference_url https://access.redhat.com/errata/RHSA-2026:1791
reference_id RHSA-2026:1791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1791
57
reference_url https://access.redhat.com/errata/RHSA-2026:1792
reference_id RHSA-2026:1792
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1792
58
reference_url https://access.redhat.com/errata/RHSA-2026:1793
reference_id RHSA-2026:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1793
59
reference_url https://access.redhat.com/errata/RHSA-2026:1794
reference_id RHSA-2026:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1794
60
reference_url https://access.redhat.com/errata/RHSA-2026:1795
reference_id RHSA-2026:1795
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1795
61
reference_url https://access.redhat.com/errata/RHSA-2026:1803
reference_id RHSA-2026:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1803
62
reference_url https://access.redhat.com/errata/RHSA-2026:1805
reference_id RHSA-2026:1805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1805
63
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
64
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
65
reference_url https://access.redhat.com/errata/RHSA-2026:2060
reference_id RHSA-2026:2060
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2060
66
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
67
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
68
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
69
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
70
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
71
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
72
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
73
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
74
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
75
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
76
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
77
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
78
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
79
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
80
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
81
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
82
reference_url https://access.redhat.com/errata/RHSA-2026:2760
reference_id RHSA-2026:2760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2760
83
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
84
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
85
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
86
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
87
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
88
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
89
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
90
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
91
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
92
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
93
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
94
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
95
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
96
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
97
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
98
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
99
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
100
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
101
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
102
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
103
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
104
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
105
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
106
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
107
reference_url https://access.redhat.com/errata/RHSA-2026:5459
reference_id RHSA-2026:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5459
108
reference_url https://access.redhat.com/errata/RHSA-2026:5549
reference_id RHSA-2026:5549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5549
109
reference_url https://access.redhat.com/errata/RHSA-2026:6055
reference_id RHSA-2026:6055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6055
110
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
111
reference_url https://access.redhat.com/errata/RHSA-2026:9031
reference_id RHSA-2026:9031
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9031
112
reference_url https://usn.ubuntu.com/7927-1/
reference_id USN-7927-1
reference_type
scores
url https://usn.ubuntu.com/7927-1/
113
reference_url https://usn.ubuntu.com/7927-2/
reference_id USN-7927-2
reference_type
scores
url https://usn.ubuntu.com/7927-2/
114
reference_url https://usn.ubuntu.com/7927-3/
reference_id USN-7927-3
reference_type
scores
url https://usn.ubuntu.com/7927-3/
fixed_packages
aliases CVE-2025-66471, GHSA-2xpw-w6gg-jr37
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zevs-1ge5-y7g7
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3.11-urllib3@1.26.12-5.el9_7%3Farch=1