SUSE-SU-2026:1980-1 Security update for cloud-init

This update for cloud-init fixes the following issues: - Update to version 25.1.3 bsc1245403, CVE-2024-11584, CVE-2024-6174 - Update to version 25.1.1 bsc1239715, jscPED-8680, bsc1228414, bsc1237764 - Make sure a directory exists, if not create it, before writing in that location bsc1236720 -...

CVE-2021-47952

A flaw was found in python-jsonpickle. A remote attacker can exploit this vulnerability by crafting and sending malicious JSON payloads. When these payloads, which contain specially crafted py/repr objects, are deserialized, they can trigger the execution of arbitrary Python commands and system...

search-cve

Intelligence Engine A lean Python CLI that aggregates CVE i...

OPENSUSE-SU-2026:20777-1 Security update for python-GitPython

This update for python-GitPython fixes the following issues - CVE-2026-42215: command injection via Git options bypass bsc1264604. - CVE-2026-42284: unsafe option check validates multioptions before shlex.split transforms it bsc1264605. - CVE-2026-44243: path traversal in GitPython reference APIs...

SUSE-SU-2026:21731-1 Security update for python-lxml

This update for python-lxml fixes the following issue - CVE-2026-41066: Information disclosure via untrusted XML input leading to local file read bsc1263254...

Security update for python-python-multipart

This update for python-python-multipart fixes the following issue CVE-2026-42561: denial of service vulnerability in multipart part header parsing bsc1265250. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:1961-1 Security update for python-python-multipart

This update for python-python-multipart fixes the following issue - CVE-2026-42561: denial of service vulnerability in multipart part header parsing bsc1265250...

SUSE-SU-2026:1947-1 Security update for python310

This update for python310 fixes the following issues Security issues: - CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. - CVE-2026-3446: base64 decoding stops at first padded quad by default bsc1261970. - CVE-2026-4786: incomplete mitigation of , %action...

Web-Application-Vulnerability-Scanner

Web-Application-Vulnerability-Scanner Developed a Python-...

BIT-GITLAB-2026-3073 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with developer-role permissions to bypass PyPI package protection rules and upload restricted packages due to...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431-CopyFail Artifacts and scripts for the CopyFai...

[SECURITY] Fedora 42 Update: uv-0.11.11-1.fc42

An extremely fast Python package and project manager, written in Rust. Highlights: =E2=80=A2 A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twi ne, virtualenv, and more. =E2=80=A2 10-100x faster than pip. =E2=80=A2 Provides comprehensive project management, with a universal lockf...

[SECURITY] Fedora 42 Update: python-uv-build-0.11.11-1.fc42

This package is a slimmed down version of uv containing only the build backend...

[SECURITY] Fedora 43 Update: python-uv-build-0.11.11-1.fc43

This package is a slimmed down version of uv containing only the build backend...

[SECURITY] Fedora 43 Update: uv-0.11.11-1.fc43

An extremely fast Python package and project manager, written in Rust. Highlights: =E2=80=A2 A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twi ne, virtualenv, and more. =E2=80=A2 10-100x faster than pip. =E2=80=A2 Provides comprehensive project management, with a universal lockf...

[SECURITY] Fedora 44 Update: python-uv-build-0.11.11-1.fc44

This package is a slimmed down version of uv containing only the build backend...

[SECURITY] Fedora 44 Update: uv-0.11.11-1.fc44

An extremely fast Python package and project manager, written in Rust. Highlights: =E2=80=A2 A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twi ne, virtualenv, and more. =E2=80=A2 10-100x faster than pip. =E2=80=A2 Provides comprehensive project management, with a universal lockf...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-cryptography (UTSA-2026-021489)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021489 advisory. A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges,...

python311-urllib3-2.7.0-1.1 on GA media (moderate)

python311-urllib3-2.7.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10798-1 Rating: moderate Cross-References: CVE-2026-44432 CVSS scores: CVE-2026-44432 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-44432 SUSE : 8.2...

PT-2026-41734

Name of the Vulnerable Software and Affected Versions amazon-redshift-python-driver versions prior to 2.1.14 Description Unsafe use of Python's eval function on data received from a server within the vector in function allows a rogue server or man-in-the-middle actor to execute arbitrary code on...