95 matches found
Astra Linux – Vulnerability in python-urllib3
urllib3 before version 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest. NOTE: this is similar to CVE-2020-26116...
Linux Distros Unpatched Vulnerability : CVE-2020-26116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP...
Ubuntu: Security Advisory (USN-6891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : python38:3.8 (RLSA-2021:1879)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1879 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker control...
CLSA-2023-1698945913 python3: Fix of CVE-2020-26116
CVE-2020-26116: prevent header injection in http methods...
Debian dla-3610 : python-urllib3 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3610 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3610-1 [email protected]...
[SECURITY] [DLA 3432-1] python2.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3432-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 24, 2023 https://wiki.debian.org/LTS -...
RHEL 7 : python27 (RHSA-2020:4273)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4273 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Amazon Linux 2 : python3 (ALAS-2021-1670)
The version of python3 installed on the remote host is prior to 3.7.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1670 advisory. A flaw was found in Python. The built-in modules httplib and http.client included in Python 2 and Python 3, respectively ...
Amazon Linux 2 : python (ALAS-2021-1669)
The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1669 advisory. A flaw was found in Python. The built-in modules httplib and http.client included in Python 2 and Python 3, respectively do not...
python, tkinter security update
CentOS Errata and Security Advisory CESA-2022:5235 An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 7 : python (RHSA-2022:5235)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5235 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker contro...
Scientific Linux Security Update : python on SL7.x i686/x86_64 (2022:5235)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5235-1 advisory. - python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 - python-urllib3: CRLF injection via HTTP request method...
Moderate: Red Hat Security Advisory: python security update
An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
NewStart CGSL MAIN 6.02 : python3 Multiple Vulnerabilities (NS-SA-2022-0049)
The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by multiple vulnerabilities: - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTT...
AlmaLinux 8 : python3 (ALSA-2021:1633)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1633 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls...
Oracle Linux 8 : python38:3.8 (ELSA-2021-1879)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1879 advisory. - Security fix for CVE-2021-3177 Resolves: rhbz1919161 - Security fix for CVE-2020-26116 python-requests Tenable has extracted the preceding descriptio...
CLSA-2021-1634925483 Fixed CVEs in python: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619
Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...
Security Bulletin: IBM Cognos Analytics with Watson 11.2.1 has addressed multiple vulnerabilities
Summary Security vulnerabilities have been addressed in IBM Cognos Analytics with Watson 11.2.1 Vulnerability Details CVEID: CVE-2017-12620 DESCRIPTION: Apache OpenNLP could allow a remote attacker to obtain sensitive information, caused by an XXE attack when loading models or dictionaries that...
Python < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.5 Python Issue (bpo-39603) - Mac OS X
http.client in Python is prone to CRLF injection. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...