📦 Urllib3

This vulnerability in urllib3 allows a malicious server to cause excessive resource consumption on clients through decompression bombs in HTTP redirect responses. It affects Python applications using ...

CVE-2025-66471 is a resource exhaustion vulnerability in urllib3's streaming API that occurs when processing highly compressed HTTP responses. Attackers can send specially crafted compressed data caus...

This vulnerability in urllib3 allows a malicious HTTP server to send specially crafted compressed responses that cause excessive CPU usage and memory allocation during decompression. It affects Python...

This CVE describes a vulnerability in urllib3 where disabling redirects at the PoolManager level fails to properly mitigate SSRF or open redirect attacks. Applications that rely on this method for sec...

urllib3's CVE-2024-37891 allows the Proxy-Authorization header to leak during cross-origin redirects when configured incorrectly without using urllib3's built-in proxy support. This could expose proxy...