Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 551
Alerts This Week
Warning Icon 1 551

Ubuntu 26.04 LTS urllib3 Important Issues Denial of Service CVE-2026-44431

ubuntu
Calendar Grey June 3, 2026
Scroller Ubuntu
Fixes for multiple security issues in urllib3 affecting Ubuntu systems, including denial of service risk and sensitive data exposure.
Several security issues were fixed in urllib3.

Summary

Several security issues were fixed in urllib3.

Software Description:

- python-urllib3: HTTP library with thread-safe connection pooling

Details:

It was discovered that urllib3 incorrectly handled cross-origin redirects

in ProxyManager. A remote attacker could possibly use this issue to obtain

sensitive information. (CVE-2026-44431)

It was discovered that urllib3 incorrectly handled decompression of

specially crafted responses. A remote attacker could possibly use this

issue to cause urllib3 to consume resources, leading to a denial of

service. This issue only affected Ubuntu 26.04 LTS. (CVE-2026-44432)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  python3-urllib3                 2.6.3-1ubuntu1.1

Ubuntu 25.10
  python3-urllib3                 2.3.0-3ubuntu0.6

Ubuntu 24.04 LTS
  python3-urllib3                 2.0.7-1ubuntu0.7

Ubuntu 22.04 LTS
  python3-urllib3                 1.26.5-1~exp1ubuntu0.7

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8379-1

CVE-2026-44431, CVE-2026-44432

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8379-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.