Denial of Service due to excessive HTTP response decompression
Summary
Denial of Service due to excessive HTTP response decompression. Red Hat rates this important (CVSS 7.5). Weakness: CWE-409. Affected package(s): rhaiis/model-opt-cuda-rhel9:1782352950, rhaiis/vllm-spyre-rhel9:1782352919, satellite/iop-yuptoo-rhel9:1782380482, satellite/iop-insights-engine-rhel9:1782448455, quay/quay-rhel8:1781878070, satellite/iop-puptoo-rhel9:1779792651. Resolved in Red Hat advisory RHSA-2026:24483 — update the affected packages (`sudo dnf update`).
- rhaiis/model-opt-cuda-rhel9:1782352950
- rhaiis/vllm-spyre-rhel9:1782352919
- satellite/iop-yuptoo-rhel9:1782380482
- satellite/iop-insights-engine-rhel9:1782448455
- quay/quay-rhel8:1781878070
- satellite/iop-puptoo-rhel9:1779792651
- python-urllib3-0:1.26.19-4.el10_2
- python-rpds-py-main-2026.5.1-1.hum1
- trivy-main-0.69.3-1.2.hum1
- discovery/discovery-server-rhel9:1779395228
- python3.12-urllib3-0:2.7.0-1.el9ap
- python-urllib3-main-2.7.0-3.hum1
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
- RHSA-2026:24483
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Mitigation checklist
- Update the affected package(s) to the fixed version shipped in RHSA-2026:24483 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.