20 matches found

Circl
added 2026/04/02 5:0 p.m. | 1 views

CVE-2019-11340

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-02 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/... |

5.9 CVSS | 6.6 AI score | 0.00665 EPSS
Exploits 0 | References 1

RedhatCVE
added 2026/01/09 10:11 a.m. | 4 views

CVE-2019-11340

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

5.9 CVSS | 6.7 AI score | 0.00665 EPSS
Exploits 0 | References 1

NVD
added 2025/10/09 12:15 p.m. | 2 views

CVE-2025-11340

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

7.7 CVSS | 0.00014 EPSS
Exploits 0 | References 2

OSV
added 2025/10/09 12:4 p.m. | 1 views

CVE-2025-11340 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with read-only API tokens to perform unauthorized write operations on vulnerability records by exploiting incorrectly scope...

7.7 CVSS | 6.4 AI score | 0.00014 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2025/03/04 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-11340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a Segmentation fault in the XmpParser::terminate function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of servi...

6.5 CVSS | 7.1 AI score | 0.01388 EPSS
Exploits 0 | References 2

OpenVAS
added 2022/01/28 12:0 a.m. | 23 views

Mageia: Security Advisory (MGASA-2017-0391)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS | 6.8 AI score | 0.01388 EPSS
Exploits 8 | References 5

CVE
added 2021/12/20 10:45 p.m. | 26 views

CVE-2020-11340

CVE-2020-11340 is rejected/not used per description; not an active vulnerability entry.

6.7 AI score
Exploits 0

Cvelist
added 2021/12/20 10:45 p.m. | 6 views

CVE-2020-11340

...

Exploits 0

RedHat Linux
added 2020/04/28 3:42 p.m. | 2 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5 CVSS | 6.8 AI score | 0.00894 EPSS
Exploits 0 | References 4

RedHat Linux
added 2020/03/31 7:53 p.m. | 4 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5 CVSS | 6.8 AI score | 0.00894 EPSS
Exploits 0 | References 4

RedHat Linux
added 2019/11/06 9:47 a.m. | 4 views

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5 CVSS | 6.8 AI score | 0.00894 EPSS
Exploits 0 | References 4

OSV
added 2019/09/06 5:24 p.m. | 33 views

PSF-2019-5 email.utils.parseaddr mistakenly parse an email

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

7.5 CVSS | 6.8 AI score | 0.00894 EPSS
Exploits 0 | References 3

NVD
added 2019/04/19 2:29 p.m. | 18 views

CVE-2019-11340

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

5.9 CVSS | 6.5 AI score | 0.00665 EPSS
Exploits 0 | References 4

Cvelist
added 2019/04/19 1:35 p.m. | 29 views

CVE-2019-11340

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

6.5 AI score | 0.00665 EPSS
Exploits 0 | References 4

CVE
added 2019/04/19 1:35 p.m. | 243 views

CVE-2019-11340

CVE-2019-11340 stems from Matrix Sydent’s pre-1.0.2 email-domain registration checks, where Python’s email parsing edge-case allows an address like [email protected]@good.example.com to bypass restrictions because email.utils.parseaddr can return the wrong substring. The issue is tied to the e...

5.9 CVSS | 6.3 AI score | 0.00665 EPSS
Exploits 0 | References 4 | Affected Software 1

Tenable Nessus
added 2019/03/27 12:0 a.m. | 32 views

openSUSE Security Update : exiv2 (openSUSE-2019-504)

This update for exiv2 to 0.26 fixes the following security issues : - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid...

8.8 CVSS | 6.7 AI score | 0.01388 EPSS
Exploits 7 | References 25

Tenable Nessus
added 2018/07/16 12:0 a.m. | 27 views

openSUSE Security Update : exiv2 (openSUSE-2018-727)

This update for exiv2 to 0.26 fixes the following security issues : - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid...

8.8 CVSS | 6.7 AI score | 0.01388 EPSS
Exploits 7 | References 25

OPENSUSE Linux
added 2018/07/14 3:9 a.m. | 46 views

Security update for exiv2 (moderate)

This update for exiv2 to 0.26 fixes the following security issues: - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid memo...

6.8 CVSS | 2.6 AI score | 0.01388 EPSS
Exploits 7 | References 10

CVE
added 2018/05/22 1:0 a.m. | 48 views

CVE-2018-11340

CVE-2018-11340 concerns an unrestricted file upload in ASUSTOR AS6202T ADM 3.1.0.RFQ3, specifically the importuser.cgi endpoint. The underlying issue is that the program accepts an uploaded file and saves it with a user-supplied filename, enabling an attacker to place attacker-controlled code on ...

9 CVSS | 7 AI score | 0.00718 EPSS
Exploits 1 | References 3 | Affected Software 1

RedhatCVE
added 2017/07/24 12:48 p.m. | 18 views

CVE-2017-11340

There is a Segmentation fault in the XmpParser::terminate function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack...

6.5 CVSS | 4.5 AI score | 0.01388 EPSS
Exploits 0 | References 1