cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

[SECURITY] Fedora 43 Update: maturin-1.9.6-4.fc43

Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python packages...

Siemens SCALANCE and RUGGEDCOM Use After Free (CVE-2025-4516)

There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not using the unicodeescape encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in a try-...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

RHEL 8 : python3 (RHSA-2026:2330)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2330 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1192)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

Azure Linux 3.0 Security Update: python3 (CVE-2023-6507)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6507 advisory. - An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython...

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from user-controlled cookie values and parameters that may lead to HTTP header injection...

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from allowing header injection via line breaks when parsing data URLs that are controlled by users...

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from the possibility of injecting additional commands through line breaks when user-controlled commands are passed...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1057)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 9 : python3.11-3.11.11-2.el9_6.1 (AXSA:2025-10624:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10624:06 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

MiracleLinux 9 : python3.9-3.9.25-2.el9_7 (AXSA:2025-11589:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11589:05 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 cpython: Python HTMLParser quadratic complexity...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992145)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992145 advisory. There is a defect in the CPython tarfile module affecting the TarFile extraction and entry enumeration APIs. The tar implementation would process tar archives with...