132 matches found
GHSA-65PC-FJ4G-8RJX Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix
This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. Payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function prior to length rejection, and for high values of N will take a long time to process. Impact A speciall...
a-mailx (=0.1.0), aaaai (>=0.1.3 <=0.3.0) +1028 more potentially affected by CVE-2024-3651 +1 more via idna (>=3.10.0 <=3.14.0)
idna PYPI version =3.10.0, =0.1.3, =4.8.2, =0.1.3, =0.1.0, =0.3.4, =0.4.0, =0.0.6, =0.1.0, =0.1.31, =0.1.0, =0.4.0, =0.1.0, =1.0.0, =1.0.3 and more Source cves: CVE-2024-3651, CVE-2026-45409 Source advisory: SNYK:PYTHON-IDNA-16769942...
Splunk Enterprise 9.1.x < 9.1.8 / 9.2.x < 9.2.5 / 9.3.x < 9.3.3 / 9.4.x < 9.4.1 Multiple Vulnerabilities (SVD-2025-0308)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in the kjd/idna library, specifically within the idna.encode function, allows crafted input strings to cause quadratic complexity, leading to a...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1143)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MiracleLinux 8 : python-idna-2.5-7.el8_10 (AXSA:2024-8515:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8515:02 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description...
MiracleLinux 9 : python-idna-2.10-7.el9_4.1 (AXSA:2024-8453:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8453:01 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 CVE-2024-3651 RESERVED Tenable has extracted th...
Security Bulletin: IBM B2B Advanced Communications is affected by vulnerabilities in kjd/idna library
Summary IBM B2B Advanced Communications has addressed vulnerabilities in idna library shipped with product CVE-2024-3651. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version...
TencentOS Server 3: python39:3.9 and python39-devel:3.9 (TSSA-2024:0768)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0768 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
NewStart CGSL MAIN 7.02 : python-idna Vulnerability (NS-SA-2025-0144)
The remote NewStart CGSL host, running version MAIN 7.02, has python-idna packages installed that are affected by a vulnerability: - A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises from the function's...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-1788)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-1811)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2025-1811)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises...
EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2025-1788)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises...
Security Bulletin: IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2024-3651, CVE-2023-32681, CVE-2024-35195, CVE-2024-37891"
Summary IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2024-3651, CVE-2023-32681, CVE-2024-35195, CVE-2024-37891". This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: idna...
TencentOS Server 3: python-idna (TSSA-2024:0315)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0315 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: python-idna (TSSA-2024:0140)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0140 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 2: python-idna (TSSA-2024:0673)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0673 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Photon OS 4.0: Python3 PHSA-2025-4.0-0745
An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0745. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Alibaba Cloud Linux 3 : 0217: python-idna (ALINUX3-SA-2024:0217)
The remote Alibaba Cloud Linux 3 host has a package installed that is affected by a vulnerability as referenced in the ALINUX3-SA-2024:0217 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-3651: A vulnerability was identified in th...
Security Bulletin: Vulnerability in idna affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-3651].
Summary The idna package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-3651. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: idna could allow a local user to cause a denial of service using a specially crafted...