Description
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` without disabling redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode the content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted sources.
Published: 2026-01-07
Score: 8.9 High
EPSS: < 1% Very Low
KEV: No
Impact: Excessive resource consumption via decompression bomb attack
Action: Immediate Upgrade
AI Analysis

Impact

urllib3’s streaming API, which reads HTTP responses in chunks, was found to decompress the entire body of HTTP redirect responses before any application read method was invoked. This bypassed the library’s safeguard against decompression bombs, allowing a malicious server to trigger large decompression operations that consume excessive CPU and memory on the client. The flaw is a classic example of resource exhaustion, captured by CWE-409.

Affected Systems

The vulnerability affects any application that uses the urllib3 client library from version 1.22 up to, but not including, 2.6.3. This includes libraries and applications written in Python that perform streaming HTTP requests, particularly when they enable automatic redirects and set preload_content=False to avoid unnecessary data loading.

Risk and Exploitability

The CVSS score of 8.9 indicates high severity, while the EPSS score of less than 1% shows a low current exploit likelihood in the wild. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires an attacker to serve an HTTP redirect response from an untrusted source that the vulnerable client follows. Once the redirect occurs, the client decompresses the entire response body regardless of content size, potentially leading to denial of service if the payload is sufficiently large. The lack of a read limit for decompressed data allows the attack to scale with the payload size.

Generated by OpenCVE AI on April 18, 2026 at 07:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade urllib3 to version 2.6.3 or later, which disables decompression of redirect responses when preload_content is set to False
  • If upgrading cannot be performed immediately, configure requests to set redirect=False when accessing untrusted sources to prevent automatic following of redirects that trigger decompression
  • Ensure that any downstream systems using urllib3 verify maximum content size or apply additional resource limits to mitigate the impact of large decompressed payloads
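The request settings the description and the actions above call for (`preload_content=False` together with `redirect=False`), combined with the client-side limit on decompressed bytes that the last action asks for, as an added example that is not urllib3's own code and not part of the advisory: `bounded_gunzip` inflates a gzip stream under a hard output cap and `fetch_untrusted` applies the settings to a request. `MAX_DECODED`, the helper names and the constructed gzip inputs are my assumptions; the urllib3 calls (`PoolManager.request`, `HTTPResponse.stream`, closing the response via the context manager) are used as documented for urllib3 2.x and are not exercised offline.

```python
import gzip
import zlib

MAX_DECODED = 64 * 1024  # hypothetical cap on decoded bytes (an assumption, not a urllib3 setting)

class DecompressionLimitExceeded(Exception):
    """Decoded body would exceed the configured cap."""

def bounded_gunzip(chunks, max_decoded=MAX_DECODED):
    """Inflate gzip chunks, aborting once decoded output exceeds max_decoded; zlib's
    max_length keeps a single decompress() call from ballooning past the cap before the check."""
    inflater = zlib.decompressobj(wbits=zlib.MAX_WBITS | 16)  # +16 selects gzip framing
    out = bytearray()
    for data in chunks:
        while data:
            out += inflater.decompress(data, max_decoded - len(out) + 1)  # +1 makes an overshoot visible
            if len(out) > max_decoded:
                raise DecompressionLimitExceeded(f"decoded body exceeds {max_decoded} bytes")
            data = inflater.unconsumed_tail  # input held back by max_length, fed in again
    return bytes(out)

def fetch_untrusted(http, url, max_decoded=MAX_DECODED):
    """GET from an untrusted origin with the advisory's settings (http is a urllib3.PoolManager):
    redirect=False keeps urllib3 from following (and, in affected versions, draining and decoding)
    a redirect, and decode_content=False hands over the raw body so decompression is bounded here."""
    with http.request("GET", url, preload_content=False, redirect=False, decode_content=False) as resp:
        if 300 <= resp.status < 400:  # response is closed on exit, not drained for pool reuse
            raise ValueError(f"refusing to follow redirect {resp.status} from untrusted origin")
        chunks = resp.stream(16 * 1024, decode_content=False)
        if resp.headers.get("Content-Encoding", "").lower() == "gzip":
            return bounded_gunzip(chunks, max_decoded)
        body = bytearray()
        for chunk in chunks:  # uncompressed bodies get the same byte cap
            body += chunk
            if len(body) > max_decoded:
                raise DecompressionLimitExceeded(f"body exceeds {max_decoded} bytes")
        return bytes(body)

SMALL_GZIP = gzip.compress(b"hello world")  # constructed: a benign body
CONSTRUCTED_BOMB = gzip.compress(b"\0" * (1024 * 1024))  # constructed: 1 MiB of zeros, about 1 KiB gzipped

def decode_or_none(payload, cap=MAX_DECODED):
    """bounded_gunzip result, or None when the cap rejects the payload."""
    try:
        return bounded_gunzip([payload], cap)
    except DecompressionLimitExceeded:
        return None
```

With the default cap, `decode_or_none(CONSTRUCTED_BOMB)` returns None after inflating only 64 KiB + 1 byte, whereas the vulnerable redirect path would have inflated the whole megabyte before any read call.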

Advisories

Source       ID                    Title
Debian DLA   DLA-4446-1            python-urllib3 security update
Debian DSA   DSA-6102-1            python-urllib3 security update
Debian DSA   DSA-6102-2            python-urllib3 regression update
GitHub GHSA  GHSA-38jv-5279-wg99   Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)
Ubuntu USN   USN-7955-1            urllib3 vulnerability

History

Fri, 23 Jan 2026 09:30:00 +0000
  References

Thu, 15 Jan 2026 19:30:00 +0000
  First Time appeared: Python; Python urllib3
  CPEs: cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*
  Vendors & Products: Python; Python urllib3
  Metrics: cvssV3_1 added: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Fri, 09 Jan 2026 00:15:00 +0000
  References
  Metrics: threat_severity changed: None -> Important

Thu, 08 Jan 2026 20:15:00 +0000
  Metrics: ssvc added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 08 Jan 2026 10:00:00 +0000
  First Time appeared: Urllib3; Urllib3 urllib3
  Vendors & Products: Urllib3; Urllib3 urllib3

Wed, 07 Jan 2026 22:15:00 +0000
  Description added (identical to the Description section at the top of this page)
  Title: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)
  Weaknesses: CWE-409
  References
  Metrics: cvssV4_0 added: {'score': 8.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-23T09:07:22.785Z

Reserved: 2025-12-29T03:00:29.276Z

Link: CVE-2026-21441

Vulnrichment

Updated: 2026-01-23T09:07:22.785Z

NVD

Status: Modified

Published: 2026-01-07T22:15:44.040

Modified: 2026-01-23T09:15:47.823

Link: CVE-2026-21441

Red Hat

Severity: Important

Public Date: 2026-01-07T22:09:01Z

Links: CVE-2026-21441 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T08:00:05Z

Weaknesses