Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/python3.12-urllib3@1.26.18-2.el9_4?arch=2
Typerpm
Namespaceredhat
Namepython3.12-urllib3
Version1.26.18-2.el9_4
Qualifiers
arch 2
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-kjka-a931-uygj
vulnerability_id VCID-kjka-a931-uygj
summary 
Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)
### Impact

urllib3's [streaming API](https://urllib3.readthedocs.io/en/2.6.2/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.

urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption.

However, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client (high CPU usage and large memory allocations for decompressed data; CWE-409).

### Affected usages

Applications and libraries using urllib3 version 2.6.2 and earlier to stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects.


### Remediation

Upgrade to at least urllib3 v2.6.3 in which the library does not decode content of redirect responses when `preload_content=False`.

If upgrading is not immediately possible, disable [redirects](https://urllib3.readthedocs.io/en/2.6.2/user-guide.html#retrying-requests) by setting `redirect=False` for requests to untrusted source.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21441.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21441.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-21441
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07515
published_at 2026-04-18T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07535
published_at 2026-04-02T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07575
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07552
published_at 2026-04-07T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.0761
published_at 2026-04-08T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07629
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07616
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07602
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07527
published_at 2026-04-16T12:55:00Z
9
value 0.0003
scoring_system epss
scoring_elements 0.08731
published_at 2026-04-24T12:55:00Z
10
value 0.0003
scoring_system epss
scoring_elements 0.08765
published_at 2026-05-07T12:55:00Z
11
value 0.0003
scoring_system epss
scoring_elements 0.08622
published_at 2026-05-05T12:55:00Z
12
value 0.0003
scoring_system epss
scoring_elements 0.08688
published_at 2026-04-29T12:55:00Z
13
value 0.0003
scoring_system epss
scoring_elements 0.08685
published_at 2026-04-26T12:55:00Z
14
value 0.0003
scoring_system epss
scoring_elements 0.08719
published_at 2026-04-21T12:55:00Z
15
value 0.00032
scoring_system epss
scoring_elements 0.09176
published_at 2026-05-11T12:55:00Z
16
value 0.00032
scoring_system epss
scoring_elements 0.09274
published_at 2026-05-14T12:55:00Z
17
value 0.00032
scoring_system epss
scoring_elements 0.09199
published_at 2026-05-12T12:55:00Z
18
value 0.00032
scoring_system epss
scoring_elements 0.0921
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-21441
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21441
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21441
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:08:04Z/
url https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b
6
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-08T20:08:04Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99
7
reference_url https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-21441
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-21441
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125062
reference_id 1125062
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125062
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427726
reference_id 2427726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427726
11
reference_url https://github.com/advisories/GHSA-38jv-5279-wg99
reference_id GHSA-38jv-5279-wg99
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-38jv-5279-wg99
12
reference_url https://access.redhat.com/errata/RHSA-2026:0981
reference_id RHSA-2026:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0981
13
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
14
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
15
reference_url https://access.redhat.com/errata/RHSA-2026:1038
reference_id RHSA-2026:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1038
16
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
17
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
18
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
19
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
20
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
21
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
22
reference_url https://access.redhat.com/errata/RHSA-2026:1166
reference_id RHSA-2026:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1166
23
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
24
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
25
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
26
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
27
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
28
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
29
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
30
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
31
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
32
reference_url https://access.redhat.com/errata/RHSA-2026:14877
reference_id RHSA-2026:14877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14877
33
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
34
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
35
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
36
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
37
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
38
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
39
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
40
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
41
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
42
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
43
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
44
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
45
reference_url https://access.redhat.com/errata/RHSA-2026:1706
reference_id RHSA-2026:1706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1706
46
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
47
reference_url https://access.redhat.com/errata/RHSA-2026:1717
reference_id RHSA-2026:1717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1717
48
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
49
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
50
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
51
reference_url https://access.redhat.com/errata/RHSA-2026:1734
reference_id RHSA-2026:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1734
52
reference_url https://access.redhat.com/errata/RHSA-2026:1735
reference_id RHSA-2026:1735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1735
53
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
54
reference_url https://access.redhat.com/errata/RHSA-2026:17456
reference_id RHSA-2026:17456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17456
55
reference_url https://access.redhat.com/errata/RHSA-2026:17457
reference_id RHSA-2026:17457
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17457
56
reference_url https://access.redhat.com/errata/RHSA-2026:17460
reference_id RHSA-2026:17460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17460
57
reference_url https://access.redhat.com/errata/RHSA-2026:17461
reference_id RHSA-2026:17461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17461
58
reference_url https://access.redhat.com/errata/RHSA-2026:17462
reference_id RHSA-2026:17462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17462
59
reference_url https://access.redhat.com/errata/RHSA-2026:17463
reference_id RHSA-2026:17463
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17463
60
reference_url https://access.redhat.com/errata/RHSA-2026:1791
reference_id RHSA-2026:1791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1791
61
reference_url https://access.redhat.com/errata/RHSA-2026:1792
reference_id RHSA-2026:1792
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1792
62
reference_url https://access.redhat.com/errata/RHSA-2026:1793
reference_id RHSA-2026:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1793
63
reference_url https://access.redhat.com/errata/RHSA-2026:1794
reference_id RHSA-2026:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1794
64
reference_url https://access.redhat.com/errata/RHSA-2026:1803
reference_id RHSA-2026:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1803
65
reference_url https://access.redhat.com/errata/RHSA-2026:1805
reference_id RHSA-2026:1805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1805
66
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
67
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
68
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
69
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
70
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
71
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
72
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
73
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
74
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
75
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
76
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
77
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
78
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
79
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
80
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
81
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
82
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
83
reference_url https://access.redhat.com/errata/RHSA-2026:2760
reference_id RHSA-2026:2760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2760
84
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
85
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
86
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
87
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
88
reference_url https://access.redhat.com/errata/RHSA-2026:2911
reference_id RHSA-2026:2911
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2911
89
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
90
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
91
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
92
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
93
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
94
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
95
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
96
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
97
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
98
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
99
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
100
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
101
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
102
reference_url https://access.redhat.com/errata/RHSA-2026:3884
reference_id RHSA-2026:3884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3884
103
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
104
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
105
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
106
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
107
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
108
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
109
reference_url https://access.redhat.com/errata/RHSA-2026:5459
reference_id RHSA-2026:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5459
110
reference_url https://access.redhat.com/errata/RHSA-2026:6287
reference_id RHSA-2026:6287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6287
111
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
112
reference_url https://access.redhat.com/errata/RHSA-2026:8151
reference_id RHSA-2026:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8151
113
reference_url https://access.redhat.com/errata/RHSA-2026:8500
reference_id RHSA-2026:8500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8500
114
reference_url https://access.redhat.com/errata/RHSA-2026:8501
reference_id RHSA-2026:8501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8501
115
reference_url https://usn.ubuntu.com/7955-1/
reference_id USN-7955-1
reference_type
scores
url https://usn.ubuntu.com/7955-1/
116
reference_url https://usn.ubuntu.com/7955-2/
reference_id USN-7955-2
reference_type
scores
url https://usn.ubuntu.com/7955-2/
117
reference_url https://usn.ubuntu.com/8010-1/
reference_id USN-8010-1
reference_type
scores
url https://usn.ubuntu.com/8010-1/
fixed_packages
aliases CVE-2026-21441, GHSA-38jv-5279-wg99
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjka-a931-uygj
1
url VCID-v365-pn8r-e7dh
vulnerability_id VCID-v365-pn8r-e7dh
summary 
urllib3 allows an unbounded number of links in the decompression chain
urllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 (e.g., `Content-Encoding: gzip, zstd`).

However, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66418.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66418.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66418
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03657
published_at 2026-05-14T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03618
published_at 2026-05-12T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03612
published_at 2026-05-11T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03574
published_at 2026-05-07T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.0361
published_at 2026-05-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05827
published_at 2026-05-05T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08131
published_at 2026-04-04T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08088
published_at 2026-04-02T12:55:00Z
8
value 0.00033
scoring_system epss
scoring_elements 0.09706
published_at 2026-04-08T12:55:00Z
9
value 0.00033
scoring_system epss
scoring_elements 0.09635
published_at 2026-04-07T12:55:00Z
10
value 0.00033
scoring_system epss
scoring_elements 0.09755
published_at 2026-04-09T12:55:00Z
11
value 0.00033
scoring_system epss
scoring_elements 0.09767
published_at 2026-04-11T12:55:00Z
12
value 0.00033
scoring_system epss
scoring_elements 0.09734
published_at 2026-04-12T12:55:00Z
13
value 0.00033
scoring_system epss
scoring_elements 0.09718
published_at 2026-04-13T12:55:00Z
14
value 0.00033
scoring_system epss
scoring_elements 0.09606
published_at 2026-04-16T12:55:00Z
15
value 0.00033
scoring_system epss
scoring_elements 0.09577
published_at 2026-04-18T12:55:00Z
16
value 0.00033
scoring_system epss
scoring_elements 0.09724
published_at 2026-04-21T12:55:00Z
17
value 0.00033
scoring_system epss
scoring_elements 0.09766
published_at 2026-04-24T12:55:00Z
18
value 0.00033
scoring_system epss
scoring_elements 0.09732
published_at 2026-04-26T12:55:00Z
19
value 0.00033
scoring_system epss
scoring_elements 0.09691
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66418
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66418
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-05T16:15:39Z/
url https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122030
reference_id 1122030
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122030
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2419455
reference_id 2419455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2419455
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66418
reference_id CVE-2025-66418
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66418
9
reference_url https://github.com/advisories/GHSA-gm62-xv2j-4w53
reference_id GHSA-gm62-xv2j-4w53
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gm62-xv2j-4w53
10
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53
reference_id GHSA-gm62-xv2j-4w53
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-05T16:15:39Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53
11
reference_url https://access.redhat.com/errata/RHSA-2026:0050
reference_id RHSA-2026:0050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0050
12
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
13
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
14
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
15
reference_url https://access.redhat.com/errata/RHSA-2026:1026
reference_id RHSA-2026:1026
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1026
16
reference_url https://access.redhat.com/errata/RHSA-2026:1027
reference_id RHSA-2026:1027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1027
17
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
18
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
19
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
20
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
21
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
22
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
23
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
24
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
25
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
26
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
27
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
28
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
29
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
30
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
31
reference_url https://access.redhat.com/errata/RHSA-2026:1329
reference_id RHSA-2026:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1329
32
reference_url https://access.redhat.com/errata/RHSA-2026:1330
reference_id RHSA-2026:1330
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1330
33
reference_url https://access.redhat.com/errata/RHSA-2026:1331
reference_id RHSA-2026:1331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1331
34
reference_url https://access.redhat.com/errata/RHSA-2026:1332
reference_id RHSA-2026:1332
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1332
35
reference_url https://access.redhat.com/errata/RHSA-2026:1336
reference_id RHSA-2026:1336
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1336
36
reference_url https://access.redhat.com/errata/RHSA-2026:1337
reference_id RHSA-2026:1337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1337
37
reference_url https://access.redhat.com/errata/RHSA-2026:1338
reference_id RHSA-2026:1338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1338
38
reference_url https://access.redhat.com/errata/RHSA-2026:1339
reference_id RHSA-2026:1339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1339
39
reference_url https://access.redhat.com/errata/RHSA-2026:1340
reference_id RHSA-2026:1340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1340
40
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
41
reference_url https://access.redhat.com/errata/RHSA-2026:14877
reference_id RHSA-2026:14877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14877
42
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
43
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
44
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
45
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
46
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
47
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
48
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
49
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
50
reference_url https://access.redhat.com/errata/RHSA-2026:1701
reference_id RHSA-2026:1701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1701
51
reference_url https://access.redhat.com/errata/RHSA-2026:1702
reference_id RHSA-2026:1702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1702
52
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
53
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
54
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
55
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
56
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
57
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
58
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
59
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
60
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
61
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
62
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
63
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
64
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
65
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
66
reference_url https://access.redhat.com/errata/RHSA-2026:2279
reference_id RHSA-2026:2279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2279
67
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
68
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
69
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
70
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
71
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
72
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
73
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
74
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
75
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
76
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
77
reference_url https://access.redhat.com/errata/RHSA-2026:2754
reference_id RHSA-2026:2754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2754
78
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
79
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
80
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
81
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
82
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
83
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
84
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
85
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
86
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
87
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
88
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
89
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
90
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
91
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
92
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
93
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
94
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
95
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
96
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
97
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
98
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
99
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
100
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
101
reference_url https://access.redhat.com/errata/RHSA-2026:5807
reference_id RHSA-2026:5807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5807
102
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
103
reference_url https://usn.ubuntu.com/7927-1/
reference_id USN-7927-1
reference_type
scores
url https://usn.ubuntu.com/7927-1/
104
reference_url https://usn.ubuntu.com/8010-1/
reference_id USN-8010-1
reference_type
scores
url https://usn.ubuntu.com/8010-1/
fixed_packages
aliases CVE-2025-66418, GHSA-gm62-xv2j-4w53
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v365-pn8r-e7dh
2
url VCID-zevs-1ge5-y7g7
vulnerability_id VCID-zevs-1ge5-y7g7
summary 
urllib3 streaming API improperly handles highly compressed data
urllib3's [streaming API](https://urllib3.readthedocs.io/en/2.5.0/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.

When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation.

The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66471.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-66471
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02869
published_at 2026-05-14T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02837
published_at 2026-05-12T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02836
published_at 2026-05-11T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02792
published_at 2026-05-07T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02776
published_at 2026-05-05T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02828
published_at 2026-05-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07482
published_at 2026-04-04T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.0744
published_at 2026-04-02T12:55:00Z
8
value 0.00031
scoring_system epss
scoring_elements 0.08924
published_at 2026-04-07T12:55:00Z
9
value 0.00031
scoring_system epss
scoring_elements 0.09002
published_at 2026-04-08T12:55:00Z
10
value 0.00031
scoring_system epss
scoring_elements 0.09034
published_at 2026-04-11T12:55:00Z
11
value 0.00031
scoring_system epss
scoring_elements 0.08998
published_at 2026-04-21T12:55:00Z
12
value 0.00031
scoring_system epss
scoring_elements 0.08985
published_at 2026-04-13T12:55:00Z
13
value 0.00031
scoring_system epss
scoring_elements 0.08877
published_at 2026-04-16T12:55:00Z
14
value 0.00031
scoring_system epss
scoring_elements 0.08852
published_at 2026-04-18T12:55:00Z
15
value 0.00031
scoring_system epss
scoring_elements 0.09044
published_at 2026-04-24T12:55:00Z
16
value 0.00031
scoring_system epss
scoring_elements 0.08993
published_at 2026-04-26T12:55:00Z
17
value 0.00031
scoring_system epss
scoring_elements 0.08975
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-66471
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66471
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
5
reference_url https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T19:32:57Z/
url https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122029
reference_id 1122029
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122029
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2419467
reference_id 2419467
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2419467
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-66471
reference_id CVE-2025-66471
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-66471
9
reference_url https://github.com/advisories/GHSA-2xpw-w6gg-jr37
reference_id GHSA-2xpw-w6gg-jr37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2xpw-w6gg-jr37
10
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37
reference_id GHSA-2xpw-w6gg-jr37
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-05T19:32:57Z/
url https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37
11
reference_url https://access.redhat.com/errata/RHSA-2026:0981
reference_id RHSA-2026:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0981
12
reference_url https://access.redhat.com/errata/RHSA-2026:0990
reference_id RHSA-2026:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0990
13
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
14
reference_url https://access.redhat.com/errata/RHSA-2026:1038
reference_id RHSA-2026:1038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1038
15
reference_url https://access.redhat.com/errata/RHSA-2026:1041
reference_id RHSA-2026:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1041
16
reference_url https://access.redhat.com/errata/RHSA-2026:1042
reference_id RHSA-2026:1042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1042
17
reference_url https://access.redhat.com/errata/RHSA-2026:1086
reference_id RHSA-2026:1086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1086
18
reference_url https://access.redhat.com/errata/RHSA-2026:1087
reference_id RHSA-2026:1087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1087
19
reference_url https://access.redhat.com/errata/RHSA-2026:1088
reference_id RHSA-2026:1088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1088
20
reference_url https://access.redhat.com/errata/RHSA-2026:1089
reference_id RHSA-2026:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1089
21
reference_url https://access.redhat.com/errata/RHSA-2026:1166
reference_id RHSA-2026:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1166
22
reference_url https://access.redhat.com/errata/RHSA-2026:1168
reference_id RHSA-2026:1168
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1168
23
reference_url https://access.redhat.com/errata/RHSA-2026:11722
reference_id RHSA-2026:11722
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:11722
24
reference_url https://access.redhat.com/errata/RHSA-2026:1176
reference_id RHSA-2026:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1176
25
reference_url https://access.redhat.com/errata/RHSA-2026:1224
reference_id RHSA-2026:1224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1224
26
reference_url https://access.redhat.com/errata/RHSA-2026:1226
reference_id RHSA-2026:1226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1226
27
reference_url https://access.redhat.com/errata/RHSA-2026:1239
reference_id RHSA-2026:1239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1239
28
reference_url https://access.redhat.com/errata/RHSA-2026:1240
reference_id RHSA-2026:1240
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1240
29
reference_url https://access.redhat.com/errata/RHSA-2026:1241
reference_id RHSA-2026:1241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1241
30
reference_url https://access.redhat.com/errata/RHSA-2026:1249
reference_id RHSA-2026:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1249
31
reference_url https://access.redhat.com/errata/RHSA-2026:1254
reference_id RHSA-2026:1254
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1254
32
reference_url https://access.redhat.com/errata/RHSA-2026:1485
reference_id RHSA-2026:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1485
33
reference_url https://access.redhat.com/errata/RHSA-2026:14877
reference_id RHSA-2026:14877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14877
34
reference_url https://access.redhat.com/errata/RHSA-2026:1497
reference_id RHSA-2026:1497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1497
35
reference_url https://access.redhat.com/errata/RHSA-2026:1504
reference_id RHSA-2026:1504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1504
36
reference_url https://access.redhat.com/errata/RHSA-2026:1506
reference_id RHSA-2026:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1506
37
reference_url https://access.redhat.com/errata/RHSA-2026:1546
reference_id RHSA-2026:1546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1546
38
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
39
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
40
reference_url https://access.redhat.com/errata/RHSA-2026:1600
reference_id RHSA-2026:1600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1600
41
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
42
reference_url https://access.redhat.com/errata/RHSA-2026:1618
reference_id RHSA-2026:1618
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1618
43
reference_url https://access.redhat.com/errata/RHSA-2026:1619
reference_id RHSA-2026:1619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1619
44
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
45
reference_url https://access.redhat.com/errata/RHSA-2026:1674
reference_id RHSA-2026:1674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1674
46
reference_url https://access.redhat.com/errata/RHSA-2026:1676
reference_id RHSA-2026:1676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1676
47
reference_url https://access.redhat.com/errata/RHSA-2026:1693
reference_id RHSA-2026:1693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1693
48
reference_url https://access.redhat.com/errata/RHSA-2026:1704
reference_id RHSA-2026:1704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1704
49
reference_url https://access.redhat.com/errata/RHSA-2026:1706
reference_id RHSA-2026:1706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1706
50
reference_url https://access.redhat.com/errata/RHSA-2026:1712
reference_id RHSA-2026:1712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1712
51
reference_url https://access.redhat.com/errata/RHSA-2026:1717
reference_id RHSA-2026:1717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1717
52
reference_url https://access.redhat.com/errata/RHSA-2026:1726
reference_id RHSA-2026:1726
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1726
53
reference_url https://access.redhat.com/errata/RHSA-2026:1729
reference_id RHSA-2026:1729
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1729
54
reference_url https://access.redhat.com/errata/RHSA-2026:1730
reference_id RHSA-2026:1730
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1730
55
reference_url https://access.redhat.com/errata/RHSA-2026:1734
reference_id RHSA-2026:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1734
56
reference_url https://access.redhat.com/errata/RHSA-2026:1735
reference_id RHSA-2026:1735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1735
57
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
58
reference_url https://access.redhat.com/errata/RHSA-2026:1791
reference_id RHSA-2026:1791
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1791
59
reference_url https://access.redhat.com/errata/RHSA-2026:1792
reference_id RHSA-2026:1792
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1792
60
reference_url https://access.redhat.com/errata/RHSA-2026:1793
reference_id RHSA-2026:1793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1793
61
reference_url https://access.redhat.com/errata/RHSA-2026:1794
reference_id RHSA-2026:1794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1794
62
reference_url https://access.redhat.com/errata/RHSA-2026:1795
reference_id RHSA-2026:1795
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1795
63
reference_url https://access.redhat.com/errata/RHSA-2026:1803
reference_id RHSA-2026:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1803
64
reference_url https://access.redhat.com/errata/RHSA-2026:1805
reference_id RHSA-2026:1805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1805
65
reference_url https://access.redhat.com/errata/RHSA-2026:1942
reference_id RHSA-2026:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1942
66
reference_url https://access.redhat.com/errata/RHSA-2026:1957
reference_id RHSA-2026:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1957
67
reference_url https://access.redhat.com/errata/RHSA-2026:2060
reference_id RHSA-2026:2060
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2060
68
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
69
reference_url https://access.redhat.com/errata/RHSA-2026:2126
reference_id RHSA-2026:2126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2126
70
reference_url https://access.redhat.com/errata/RHSA-2026:2137
reference_id RHSA-2026:2137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2137
71
reference_url https://access.redhat.com/errata/RHSA-2026:2139
reference_id RHSA-2026:2139
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2139
72
reference_url https://access.redhat.com/errata/RHSA-2026:2144
reference_id RHSA-2026:2144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2144
73
reference_url https://access.redhat.com/errata/RHSA-2026:2256
reference_id RHSA-2026:2256
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2256
74
reference_url https://access.redhat.com/errata/RHSA-2026:2456
reference_id RHSA-2026:2456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2456
75
reference_url https://access.redhat.com/errata/RHSA-2026:2500
reference_id RHSA-2026:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2500
76
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
77
reference_url https://access.redhat.com/errata/RHSA-2026:2681
reference_id RHSA-2026:2681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2681
78
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
79
reference_url https://access.redhat.com/errata/RHSA-2026:2717
reference_id RHSA-2026:2717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2717
80
reference_url https://access.redhat.com/errata/RHSA-2026:2718
reference_id RHSA-2026:2718
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2718
81
reference_url https://access.redhat.com/errata/RHSA-2026:2723
reference_id RHSA-2026:2723
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2723
82
reference_url https://access.redhat.com/errata/RHSA-2026:2728
reference_id RHSA-2026:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2728
83
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
84
reference_url https://access.redhat.com/errata/RHSA-2026:2760
reference_id RHSA-2026:2760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2760
85
reference_url https://access.redhat.com/errata/RHSA-2026:2762
reference_id RHSA-2026:2762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2762
86
reference_url https://access.redhat.com/errata/RHSA-2026:2764
reference_id RHSA-2026:2764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2764
87
reference_url https://access.redhat.com/errata/RHSA-2026:2765
reference_id RHSA-2026:2765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2765
88
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
89
reference_url https://access.redhat.com/errata/RHSA-2026:2900
reference_id RHSA-2026:2900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2900
90
reference_url https://access.redhat.com/errata/RHSA-2026:2919
reference_id RHSA-2026:2919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2919
91
reference_url https://access.redhat.com/errata/RHSA-2026:2924
reference_id RHSA-2026:2924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2924
92
reference_url https://access.redhat.com/errata/RHSA-2026:2925
reference_id RHSA-2026:2925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2925
93
reference_url https://access.redhat.com/errata/RHSA-2026:2926
reference_id RHSA-2026:2926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2926
94
reference_url https://access.redhat.com/errata/RHSA-2026:3296
reference_id RHSA-2026:3296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3296
95
reference_url https://access.redhat.com/errata/RHSA-2026:3406
reference_id RHSA-2026:3406
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3406
96
reference_url https://access.redhat.com/errata/RHSA-2026:3444
reference_id RHSA-2026:3444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3444
97
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
98
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
99
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
100
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
101
reference_url https://access.redhat.com/errata/RHSA-2026:3869
reference_id RHSA-2026:3869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3869
102
reference_url https://access.redhat.com/errata/RHSA-2026:3874
reference_id RHSA-2026:3874
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3874
103
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
104
reference_url https://access.redhat.com/errata/RHSA-2026:4185
reference_id RHSA-2026:4185
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4185
105
reference_url https://access.redhat.com/errata/RHSA-2026:4215
reference_id RHSA-2026:4215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4215
106
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
107
reference_url https://access.redhat.com/errata/RHSA-2026:4466
reference_id RHSA-2026:4466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4466
108
reference_url https://access.redhat.com/errata/RHSA-2026:4467
reference_id RHSA-2026:4467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4467
109
reference_url https://access.redhat.com/errata/RHSA-2026:5459
reference_id RHSA-2026:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5459
110
reference_url https://access.redhat.com/errata/RHSA-2026:5549
reference_id RHSA-2026:5549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5549
111
reference_url https://access.redhat.com/errata/RHSA-2026:6055
reference_id RHSA-2026:6055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6055
112
reference_url https://access.redhat.com/errata/RHSA-2026:6292
reference_id RHSA-2026:6292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6292
113
reference_url https://access.redhat.com/errata/RHSA-2026:9031
reference_id RHSA-2026:9031
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9031
114
reference_url https://usn.ubuntu.com/7927-1/
reference_id USN-7927-1
reference_type
scores
url https://usn.ubuntu.com/7927-1/
115
reference_url https://usn.ubuntu.com/7927-2/
reference_id USN-7927-2
reference_type
scores
url https://usn.ubuntu.com/7927-2/
116
reference_url https://usn.ubuntu.com/7927-3/
reference_id USN-7927-3
reference_type
scores
url https://usn.ubuntu.com/7927-3/
fixed_packages
aliases CVE-2025-66471, GHSA-2xpw-w6gg-jr37
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zevs-1ge5-y7g7
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3.12-urllib3@1.26.18-2.el9_4%3Farch=2