GHSA-65PC-FJ4G-8RJX Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix

This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. Payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function prior to length rejection, and for high values of N will take a long time to process. Impact A speciall...

a-mailx (=0.1.0), aaaai (>=0.1.3 <=0.3.0) +1043 more potentially affected by CVE-2024-3651 +1 more via idna (>=3.10.0 <=3.14.0)

idna PYPI version =3.10.0, =0.1.3, =4.8.2, =0.1.3, =0.1.0, =0.3.4, =0.4.0, =0.0.6, =0.1.0, =0.1.31, =0.1.0, =0.4.0, =0.1.0, =1.0.0, =1.0.3 and more Source cves: CVE-2024-3651, CVE-2026-45409 Source advisory: SNYK:PYTHON-IDNA-16769942...

Splunk Enterprise 9.1.x < 9.1.8 / 9.2.x < 9.2.5 / 9.3.x < 9.3.3 / 9.4.x < 9.4.1 Multiple Vulnerabilities (SVD-2025-0308)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in the kjd/idna library, specifically within the idna.encode function, allows crafted input strings to cause quadratic complexity, leading to a...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2026-1143)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 9 : python-idna-2.10-7.el9_4.1 (AXSA:2024-8453:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8453:01 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 CVE-2024-3651 RESERVED Tenable has extracted th...

MiracleLinux 8 : python-idna-2.5-7.el8_10 (AXSA:2024-8515:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8515:02 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description...

Security Bulletin: IBM B2B Advanced Communications is affected by vulnerabilities in kjd/idna library

Summary IBM B2B Advanced Communications has addressed vulnerabilities in idna library shipped with product CVE-2024-3651. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version...

TencentOS Server 3: python39:3.9 and python39-devel:3.9 (TSSA-2024:0768)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0768 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

NewStart CGSL MAIN 7.02 : python-idna Vulnerability (NS-SA-2025-0144)

The remote NewStart CGSL host, running version MAIN 7.02, has python-idna packages installed that are affected by a vulnerability: - A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises from the function's...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-1788)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-1811)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2025-1811)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises...

EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2025-1788)

According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises...

Security Bulletin: IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2024-3651, CVE-2023-32681, CVE-2024-35195, CVE-2024-37891"

Summary IBM Maximo Application Suite uses multiple Python packages which is vulnerable to "CVE-2024-3651, CVE-2023-32681, CVE-2024-35195, CVE-2024-37891". This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: idna...

TencentOS Server 4: python-idna (TSSA-2024:0140)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0140 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: python-idna (TSSA-2024:0315)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0315 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 2: python-idna (TSSA-2024:0673)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0673 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Photon OS 4.0: Python3 PHSA-2025-4.0-0745

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0745. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2020-3651

Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

CVE-2013-3651

LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SCCheckError.php and data/class/SCFormParam.php...