Red Hat Security Advisory: Satellite 6.17.6.3 Async Update
Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Security Fix(es): * python-urllib3: urllib3 Streaming API improperly handles highly compressed data (CVE-2025-66471) * python-urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) (CVE-2026-21441) * python-urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion (CVE-2025-66418) Bug Fix(es): * Satellite upgrade from 6.17.5 to 6.18 failed during Pulpcore database migration due to incompatible versions detected for some of the pulpcore plugins (SAT-41761)
Red Hat Security Advisory: Satellite 6.17.6.3 Async Update
Description
Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Security Fix(es): * python-urllib3: urllib3 Streaming API improperly handles highly compressed data (CVE-2025-66471) * python-urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) (CVE-2026-21441) * python-urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion (CVE-2025-66418) Bug Fix(es): * Satellite upgrade from 6.17.5 to 6.18 failed during Pulpcore database migration due to incompatible versions detected for some of the pulpcore plugins (SAT-41761)
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:2764
- Cve Count
- 3
- Additional Cves
- ["CVE-2025-66471","CVE-2026-21441"]
- Cvss Version
- null
Threat ID: 6a160972e29bf47b5063a969
Added to database: 5/26/2026, 8:58:26 PM
Last updated: 5/26/2026, 8:59:31 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.