CLSA-2026-1775723090

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1775723090.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1775723090
Upstream
Published
2026-04-09T14:43:15Z
Modified
2026-06-01T00:33:18.415696891Z
Summary
python-pip: Fix of 2 CVEs
Details
  • CVE-2025-66471: add decompression size limit to bundled urllib3
  • CVE-2026-21441: skip decompression when draining redirect responses in bundled urllib3
References

Affected packages

TuxCare:CentOS:7 / python3-pip

Package

Name
python3-pip
Purl
pkg:rpm/tuxcare/python3-pip?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.0.3-8.el7.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1775723090.json"