RHSA-2026:28043HighCVSS 7.5

Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-urllib3) security update

Published
June 22, 2026
Last Modified
July 6, 2026

🔗 CVE IDs covered (3)

📋 Description

CVE-2025-66418 — urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66471 — urllib3: urllib3 Streaming API improperly handles highly compressed data CVE-2026-21441 — urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

🔗 References (6)