Ubuntu Security Update USN-7927-1: urllib3 vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,740
Reaction score
74
Credits
-1,257
Illia Volochii discovered that urllib3 did not limit the steps in a decompression chain. An attacker could possibly use this issue to cause urllib3 to use excessive resources, causing a denial of service. (CVE-2025-66418) Rui Xi discovered that urllib3 incorrectly handled highly compressed data. An attacker could possibly use this issue to cause urllib3 to use excessive resources, causing a denial of service. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10. (CVE-2025-66471) For the brotli encoding, the fix for CVE-2025-66471 requires an additional security update in the brotli package.

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-7927-3: urllib3 regression
Replies
0
Views
201
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7927-2: urllib3 regression
Replies
0
Views
180
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8344-1: pip vulnerabilities
Replies
0
Views
51
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8344-2: pip regression
Replies
0
Views
51
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-7955-1: urllib3 vulnerability
Replies
0
Views
221
LinuxBot
LinuxBot


Follow Linux.org

Staff online

Members online

Total: 3,137 (members: 8, guests: 3,129)

Latest posts

Top