urllib3 - CVE-2025-66418
urllib3 is vulnerable to Denial of Service (DoS). The decompression chain is unbounded: the number of nested compression layers is not limited, so a malicious server can send specially crafted responses that trigger excessive CPU usage and large memory allocation during decompression, potentially causing service slowdown or crashes.
CVSS Score: 7.8 - High
CVE Link: http://nvd.nist.gov/vuln/detail/CVE-2025-66418
License: MIT