[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-33503":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":86,"aliases":87,"duplicate_of":9,"upstream":90,"downstream":91,"duplicates":124,"related":125,"reserved_at":9,"published_at":134,"modified_at":135,"state":136,"summary":137,"references_raw":146,"kevs":212,"epss":213,"epss_history":216,"metrics":478,"affected":493},"CVE-2021-33503","An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[20,24,82],{"id":21,"name":22,"techniques":23},"CAPEC-147","XML Ping of the Death",[],{"id":25,"name":26,"techniques":27},"CAPEC-227","Sustained Client Engagement",[28],{"id":29,"name":30,"tactics":31,"countermeasures":35},"T1499","Endpoint Denial of Service",[32],{"id":33,"name":34},"TA0105","Impact",[36,41,45,49,53,57,61,65,69,73,78],{"id":37,"name":38,"tactic":39},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":40},"Detect",{"id":42,"name":43,"tactic":44},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":40},{"id":46,"name":47,"tactic":48},"D3-CSPP","Client-server Payload Profiling",{"name":40},{"id":50,"name":51,"tactic":52},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":40},{"id":54,"name":55,"tactic":56},"D3-NTSA","Network Traffic Signature Analysis",{"name":40},{"id":58,"name":59,"tactic":60},"D3-APCA","Application Protocol Command Analysis",{"name":40},{"id":62,"name":63,"tactic":64},"D3-NTCD","Network Traffic Community Deviation",{"name":40},{"id":66,"name":67,"tactic":68},"D3-RTSD","Remote Terminal Session Detection",{"name":40},{"id":70,"name":71,"tactic":72},"D3-ISVA","Inbound Session Volume Analysis",{"name":40},{"id":74,"name":75,"tactic":76},"D3-NTF","Network Traffic Filtering",{"name":77},"Isolate",{"id":79,"name":80,"tactic":81},"D3-ITF","Inbound Traffic Filtering",{"name":77},{"id":83,"name":84,"techniques":85},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[88,89],"GHSA-q2q7-5pp4-w6pg","PYSEC-2021-108",[],[92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122],{"_key":93},"SUSE-SU-2021:2012-1",{"_key":95},"SUSE-SU-2021:2195-1",{"_key":97},"UBUNTU-CVE-2021-33503",{"_key":99},"USN-5812-1",{"_key":101},"OPENSUSE-SU-2021:2012-1",{"_key":103},"OPENSUSE-SU-2024:11277-1",{"_key":105},"OPENSUSE-SU-2024:14055-1",{"_key":107},"RHSA-2021:3473",{"_key":109},"SUSE-RU-2021:2194-1",{"_key":111},"RHSA-2021:3254",{"_key":113},"RHSA-2021:4160",{"_key":115},"RHSA-2021:4162",{"_key":117},"MGASA-2021-0371",{"_key":119},"MGASA-2021-0377",{"_key":121},"DEBIAN-CVE-2021-33503",{"_key":123},"RHSA-2021:4702",[],[126,127,128,129,130,131,132,133],{"_key":93},{"_key":95},{"_key":101},{"_key":103},{"_key":105},{"_key":109},{"_key":117},{"_key":119},"2021-06-29T10:55:35.000Z","2024-08-03T23:50:42.973Z","Modified",{"cisa_kev":138,"cisa_ransomware":138,"cisa_vendor":9,"epss_severity":139,"epss_score":140,"severity":141,"severity_score":142,"severity_version":143,"severity_source":144,"severity_vector":145,"severity_status":136},false,"low",0.00863,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[147,154,158,166,172,178,183,187,191,195,199,204,208],{"url":148,"sources":149,"tags":151},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/",[150,144],"cve.org",[152,153],"Vendor Advisory","X Refsource FEDORA",{"url":155,"sources":156,"tags":157},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/",[150,144],[152,153],{"url":159,"sources":160,"tags":162},"https://security.gentoo.org/glsa/202107-36",[150,144,161],"osv_pypi",[152,163,164,165],"X Refsource GENTOO","Third Party Advisory","WEB",{"url":167,"sources":168,"tags":169},"https://www.oracle.com/security-alerts/cpuoct2021.html",[150,144,161],[170,171,164,165],"X Refsource MISC","Patch",{"url":173,"sources":174,"tags":175},"https://github.com/advisories/GHSA-q2q7-5pp4-w6pg",[150,144,161],[176,164,177],"X Refsource CONFIRM","Advisory",{"url":179,"sources":180,"tags":181},"https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec",[150,144,161],[176,171,164,165,182],"FIX",{"url":184,"sources":185,"tags":186},"https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg",[161],[165],{"url":188,"sources":189,"tags":190},"https://nvd.nist.gov/vuln/detail/CVE-2021-33503",[161],[177],{"url":192,"sources":193,"tags":194},"https://github.com/urllib3/urllib3/commit/5b047b645f5f93900d5e2fc31230848c25eb1f5f#diff-52026d639119bf1e0364836b4e8a18bd9ed3c95c6ba39b26534a5057a65e35bbR65",[161],[165],{"url":196,"sources":197,"tags":198},"https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2021-108.yaml",[161],[165],{"url":200,"sources":201,"tags":202},"https://github.com/urllib3/urllib3",[161],[203],"PACKAGE",{"url":205,"sources":206,"tags":207},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W",[161],[165],{"url":209,"sources":210,"tags":211},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73",[161],[165],[],{"date":214,"score":140,"percentile":215},"2026-06-04",0.75437,[217,220,223,225,228,231,234,237,240,242,245,248,251,254,257,260,262,265,269,271,274,277,280,283,286,289,291,293,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,359,362,364,367,370,373,376,379,382,385,388,391,394,397,400,403,406,409,412,415,417,420,423,425,428,431,434,437,440,443,445,448,451,454,457,460,463,466,469,472,475],{"date":218,"score":140,"percentile":219},"2025-11-04",0.74335,{"date":221,"score":140,"percentile":222},"2025-11-05",0.74324,{"date":224,"score":140,"percentile":222},"2025-11-06",{"date":226,"score":140,"percentile":227},"2025-11-07",0.74341,{"date":229,"score":140,"percentile":230},"2025-11-08",0.74339,{"date":232,"score":140,"percentile":233},"2025-11-09",0.74334,{"date":235,"score":140,"percentile":236},"2025-11-10",0.7432,{"date":238,"score":140,"percentile":239},"2025-11-11",0.74322,{"date":241,"score":140,"percentile":227},"2025-11-12",{"date":243,"score":140,"percentile":244},"2025-11-13",0.74348,{"date":246,"score":140,"percentile":247},"2025-11-14",0.74353,{"date":249,"score":140,"percentile":250},"2025-11-15",0.7435,{"date":252,"score":140,"percentile":253},"2025-11-16",0.74349,{"date":255,"score":140,"percentile":256},"2025-11-17",0.74343,{"date":258,"score":259,"percentile":227},"2025-11-18",0.00946,{"date":261,"score":259,"percentile":250},"2025-11-19",{"date":263,"score":259,"percentile":264},"2025-11-20",0.74359,{"date":266,"score":267,"percentile":268},"2025-11-21",0.0094,0.75505,{"date":270,"score":267,"percentile":268},"2025-11-22",{"date":272,"score":267,"percentile":273},"2025-11-23",0.7549,{"date":275,"score":267,"percentile":276},"2025-11-24",0.75488,{"date":278,"score":267,"percentile":279},"2025-11-25",0.75493,{"date":281,"score":267,"percentile":282},"2025-11-26",0.755,{"date":284,"score":267,"percentile":285},"2025-11-27",0.75502,{"date":287,"score":267,"percentile":288},"2025-11-28",0.75491,{"date":290,"score":267,"percentile":279},"2025-11-29",{"date":292,"score":267,"percentile":273},"2025-11-30",{"date":294,"score":267,"percentile":295},"2025-12-01",0.75617,{"date":297,"score":267,"percentile":298},"2025-12-02",0.75624,{"date":300,"score":140,"percentile":301},"2025-12-03",0.7446,{"date":303,"score":140,"percentile":304},"2025-12-04",0.74327,{"date":306,"score":140,"percentile":307},"2025-12-05",0.74336,{"date":309,"score":140,"percentile":310},"2025-12-06",0.7434,{"date":312,"score":140,"percentile":313},"2025-12-07",0.74338,{"date":315,"score":140,"percentile":316},"2025-12-08",0.74342,{"date":318,"score":140,"percentile":319},"2025-12-09",0.7437,{"date":321,"score":140,"percentile":322},"2025-12-10",0.74398,{"date":324,"score":140,"percentile":325},"2025-12-11",0.74413,{"date":327,"score":140,"percentile":328},"2025-12-12",0.74437,{"date":330,"score":140,"percentile":331},"2025-12-13",0.74444,{"date":333,"score":140,"percentile":334},"2025-12-14",0.74443,{"date":336,"score":140,"percentile":337},"2025-12-15",0.74447,{"date":339,"score":140,"percentile":340},"2025-12-16",0.74458,{"date":342,"score":140,"percentile":343},"2025-12-17",0.74468,{"date":345,"score":140,"percentile":346},"2025-12-18",0.74489,{"date":348,"score":140,"percentile":349},"2025-12-19",0.74506,{"date":351,"score":140,"percentile":352},"2025-12-20",0.74503,{"date":354,"score":140,"percentile":355},"2025-12-21",0.74496,{"date":357,"score":140,"percentile":358},"2025-12-22",0.74497,{"date":360,"score":140,"percentile":361},"2025-12-23",0.74491,{"date":363,"score":140,"percentile":352},"2025-12-24",{"date":365,"score":140,"percentile":366},"2025-12-25",0.74531,{"date":368,"score":140,"percentile":369},"2025-12-26",0.74526,{"date":371,"score":140,"percentile":372},"2025-12-27",0.74576,{"date":374,"score":140,"percentile":375},"2025-12-28",0.74508,{"date":377,"score":140,"percentile":378},"2025-12-29",0.74504,{"date":380,"score":140,"percentile":381},"2025-12-30",0.74518,{"date":383,"score":140,"percentile":384},"2025-12-31",0.74545,{"date":386,"score":140,"percentile":387},"2026-01-01",0.74686,{"date":389,"score":140,"percentile":390},"2026-01-02",0.74687,{"date":392,"score":140,"percentile":393},"2026-01-03",0.74688,{"date":395,"score":140,"percentile":396},"2026-01-04",0.74555,{"date":398,"score":140,"percentile":399},"2026-01-05",0.74548,{"date":401,"score":140,"percentile":402},"2026-01-06",0.74565,{"date":404,"score":140,"percentile":405},"2026-01-07",0.74573,{"date":407,"score":140,"percentile":408},"2026-01-08",0.74587,{"date":410,"score":140,"percentile":411},"2026-01-09",0.74591,{"date":413,"score":140,"percentile":414},"2026-01-10",0.74588,{"date":416,"score":140,"percentile":372},"2026-01-11",{"date":418,"score":140,"percentile":419},"2026-01-12",0.74563,{"date":421,"score":140,"percentile":422},"2026-01-13",0.74562,{"date":424,"score":140,"percentile":408},"2026-01-14",{"date":426,"score":140,"percentile":427},"2026-01-15",0.74594,{"date":429,"score":140,"percentile":430},"2026-01-16",0.7461,{"date":432,"score":140,"percentile":433},"2026-01-17",0.74608,{"date":435,"score":140,"percentile":436},"2026-01-18",0.74589,{"date":438,"score":140,"percentile":439},"2026-01-19",0.74579,{"date":441,"score":140,"percentile":442},"2026-01-20",0.74585,{"date":444,"score":140,"percentile":411},"2026-01-21",{"date":446,"score":140,"percentile":447},"2026-01-22",0.74596,{"date":449,"score":140,"percentile":450},"2026-01-23",0.74625,{"date":452,"score":140,"percentile":453},"2026-01-24",0.74634,{"date":455,"score":140,"percentile":456},"2026-01-25",0.74616,{"date":458,"score":140,"percentile":459},"2026-01-26",0.74614,{"date":461,"score":140,"percentile":462},"2026-01-27",0.74623,{"date":464,"score":140,"percentile":465},"2026-01-28",0.74631,{"date":467,"score":140,"percentile":468},"2026-01-29",0.74629,{"date":470,"score":140,"percentile":471},"2026-01-30",0.7463,{"date":473,"score":140,"percentile":474},"2026-01-31",0.74635,{"date":476,"score":140,"percentile":477},"2026-02-01",0.74754,[479,488],{"source":144,"cvss_v2_0":480,"cvss_v3_0":9,"cvss_v3_1":485,"cvss_v4_0":9},{"baseScore":481,"baseSeverity":9,"vectorString":482,"impactScore":483,"exploitabilityScore":484},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,10,{"baseScore":142,"baseSeverity":486,"vectorString":145,"impactScore":487,"exploitabilityScore":484},"HIGH",6,{"source":161,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":489,"cvss_v4_0":490},{"baseScore":142,"baseSeverity":9,"vectorString":145,"impactScore":487,"exploitabilityScore":484},{"baseScore":491,"baseSeverity":9,"vectorString":492,"impactScore":9,"exploitabilityScore":9},8.7,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",[494,504,512,522,528,546],{"ecosystem":9,"name":495,"vendor":496,"product":495,"cpe_part":497,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":498},"fedora","fedoraproject","o",[499,502],{"version":500,"is_range":138,"range_type":501,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"33","cpe",{"version":503,"is_range":138,"range_type":501,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34",{"ecosystem":9,"name":505,"vendor":506,"product":507,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"enterprise manager ops center","oracle","enterprise_manager_ops_center","a",[510],{"version":511,"is_range":138,"range_type":501,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.4.0.0",{"ecosystem":9,"name":513,"vendor":506,"product":514,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":515},"instantis enterprisetrack","instantis_enterprisetrack",[516,518,520],{"version":517,"is_range":138,"range_type":501,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.1",{"version":519,"is_range":138,"range_type":501,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.2",{"version":521,"is_range":138,"range_type":501,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.3",{"ecosystem":9,"name":523,"vendor":506,"product":524,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":525},"zfs storage appliance kit","zfs_storage_appliance_kit",[526],{"version":527,"is_range":138,"range_type":501,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.8",{"ecosystem":529,"name":530,"vendor":529,"product":530,"cpe_part":9,"purl_type":531,"purl_namespace":9,"purl_name":530,"source":9,"versions":532},"PyPI","urllib3","pypi",[533,539,542],{"version":534,"is_range":535,"range_type":536,"version_start":9,"version_start_type":9,"version_end":537,"version_end_type":538,"fixed_in":9},"lt2d4a3fee6de2fa45eb82169361918f759269b4ec",true,"ecosystem","2d4a3fee6de2fa45eb82169361918f759269b4ec","excluding",{"version":540,"is_range":535,"range_type":536,"version_start":9,"version_start_type":9,"version_end":541,"version_end_type":538,"fixed_in":9},"lt1_26_5","1.26.5",{"version":543,"is_range":535,"range_type":536,"version_start":544,"version_start_type":545,"version_end":541,"version_end_type":538,"fixed_in":9},"gte1_25_4_lt1_26_5","1.25.4","including",{"ecosystem":9,"name":530,"vendor":547,"product":530,"cpe_part":508,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":548},"python",[549],{"version":550,"is_range":535,"range_type":501,"version_start":544,"version_start_type":545,"version_end":541,"version_end_type":538,"fixed_in":9},"gte1.25.4_lt1.26.5"]