19 matches found
EUVD-2021-19274
Malware in sbrugna...
CVE-2019-19274
| creationtimestamp | type | source |
|---|---|---|
| 2024-02-28 15:11:44+00:00 | seen | https://t.me/ctinow/195539... |
Mageia: Security Advisory (MGASA-2020-0249)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2020-19274
A Cross-Site Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code...
CVE-2020-19274
A Cross-Site Scripting (XSS) vulnerability exists in Dhcms 2017-09-18 in guestbook via the message board, which could let a remote malicious user execute arbitrary code...
Updated python-typed-ast packages fix security vulnerability
Updated python-typed-ast package fixes security vulnerabilities: typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process...
OPENSUSE-SU-2020:0609-1 Security update for python-typed-ast
This update for python-typed-ast fixes the following issues: python-typed-ast was reverted to version 1.3.1 because it broke another package (bsc#1163532). Security issues fixed: - CVE-2019-19274: Fixed an out-of-bounds read (bsc#1161562). - CVE-2019-19275: Fixed an out-of-bounds read (bsc#1161563). This...
openSUSE Security Update : python-typed-ast (openSUSE-2020-567)
This update for python-typed-ast fixes the following issues: python-typed-ast was reverted to version 1.3.1 because it broke another package (bsc#1163532). Security issues fixed: - CVE-2019-19274: Fixed an out-of-bounds read (bsc#1161562). - CVE-2019-19275: Fixed an out-of-bounds read (bsc#1161563). C...
Security update for python-typed-ast (low)
openSUSE Security Update: Security update for python-typed-ast Announcement ID: openSUSE-SU-2020:0609-1 Rating: low References: 1161562 1161563 1163532 Cross-References: CVE-2019-19274 CVE-2019-19275 Affected Products: openSUSE Backports SLE-15-SP1 An update that solves two vulnerabilities and ha...
OPENSUSE-SU-2020:0567-1 Security update for python-typed-ast
This update for python-typed-ast fixes the following issues: python-typed-ast was reverted to version 1.3.1 because it broke another package (bsc#1163532). Security issues fixed: - CVE-2019-19274: Fixed an out-of-bounds read (bsc#1161562). - CVE-2019-19275: Fixed an out-of-bounds read (bsc#1161563)...
Security update for python-typed-ast (low)
openSUSE Security Update: Security update for python-typed-ast Announcement ID: openSUSE-SU-2020:0567-1 Rating: low References: 1161562 1161563 1163532 Cross-References: CVE-2019-19274 CVE-2019-19275 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errat...
Fedora: Security Advisory for python3-typed_ast (FEDORA-2020-9b3dabc21c)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
filecrawl (>=1.0.0 <=1.0.0b2), hackingtools (>=0.9.94 <=2.0.3) +2 more potentially affected by CVE-2019-19274 via typed-ast (=1.3.1)
typed-ast PYPI version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on typed-ast and may be impacted: - filecrawl =1.0.0, =0.9.94, =0.0.9, =0.0.1, =0.0.3 Source cves: CVE-2019-19274 Source advisory: OSV:GHSA-M3JW-62M7-JJCM...
Internet Bug Bounty: Two out-of-bounds array reads in Python AST builder (Re-opening 520612 with CVEs)
I'm re-submitting 520612 after getting CVEs issued, as instructed in an automated email from November 17th. Getting CVEs issued took a while, but here they are: - https://vulners.com/cve/CVE-2019-19274 - https://vulners.com/cve/CVE-2019-19275 Impact A service that takes Python snippets as payload...
CVE-2019-19274
typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...
UBUNTU-CVE-2019-19274
typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...
CVE-2019-19274
CVE-2019-19274 concerns typed_ast versions 1.3.0 and 1.3.1 with a handle_keywordonly_args out-of-bounds read. The vulnerability could crash a Python interpreter that parses Python source (without execution), e.g., in web-based parsing services. Several advisories note fixes for CVE-2019-19274 (an...
CVE-2019-19274
typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...
CVE-2018-19274
CVE-2018-19274 affects phpBB < 3.2.4: remote code execution via Phar deserialization when an attacker with founder permissions can access the Admin Control Panel. The issue arises from using an absolute path in a file_exists check, enabling Object Injection. NVD data shows CVSSv3.1 base score ...