urllib3 - CVE-2026-21441
urllib3 is vulnerable to a Denial-Of-Service (DoS). The vulnerability is due to unbounded decompression of redirect response bodies in the streaming API, where urllib3 decompresses entire redirect responses regardless of read limits, allowing a malicious server to trigger excessive resource consumption via decompression bombs when streaming content from untrusted sources.
CVSS Score: 5 - Medium
CVE Link: http://nvd.nist.gov/vuln/detail/CVE-2026-21441
License: mit
/nDon't know how to fix this? Don't know why this was reported?
Get Assistance from Veracode
urllib3 - CVE-2026-21441
urllib3 is vulnerable to a Denial-Of-Service (DoS). The vulnerability is due to unbounded decompression of redirect response bodies in the streaming API, where urllib3 decompresses entire redirect responses regardless of read limits, allowing a malicious server to trigger excessive resource consumption via decompression bombs when streaming content from untrusted sources.
CVSS Score: 5 - Medium
CVE Link: http://nvd.nist.gov/vuln/detail/CVE-2026-21441
License: mit
/nDon't know how to fix this? Don't know why this was reported?
Get Assistance from Veracode