Lucene search
K

95 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in python-urllib3

urllib3 before version 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest. NOTE: this is similar to CVE-2020-26116...

6.5CVSS7.4AI score0.02269EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2020-26116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP...

7.2CVSS7.1AI score0.0642EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.53 views

Ubuntu: Security Advisory (USN-6891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.23293EPSS
Exploits27References2
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.30 views

Rocky Linux 8 : python38:3.8 (RLSA-2021:1879)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1879 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker control...

9.8CVSS8.6AI score0.23293EPSS
Exploits3References10
OSV
OSV
added 2023/11/02 5:25 p.m.6 views

CLSA-2023-1698945913 python3: Fix of CVE-2020-26116

CVE-2020-26116: prevent header injection in http methods...

7.2CVSS6.6AI score0.0642EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/10/08 12:0 a.m.33 views

Debian dla-3610 : python-urllib3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3610 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3610-1 [email protected]...

9.8CVSS7.2AI score0.0642EPSS
Exploits3References16
Debian
Debian
added 2023/05/24 5:31 p.m.53 views

[SECURITY] [DLA 3432-1] python2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3432-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 24, 2023 https://wiki.debian.org/LTS -...

9.8CVSS9.4AI score0.23293EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.51 views

RHEL 7 : python27 (RHSA-2020:4273)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4273 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

7.5CVSS7.5AI score0.0642EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.35 views

Amazon Linux 2 : python3 (ALAS-2021-1670)

The version of python3 installed on the remote host is prior to 3.7.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1670 advisory. A flaw was found in Python. The built-in modules httplib and http.client included in Python 2 and Python 3, respectively ...

9.8CVSS7.2AI score0.08314EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.19 views

Amazon Linux 2 : python (ALAS-2021-1669)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1669 advisory. A flaw was found in Python. The built-in modules httplib and http.client included in Python 2 and Python 3, respectively do not...

7.2CVSS7.1AI score0.0642EPSS
Exploits1References3
Cent OS
Cent OS
added 2022/08/02 7:15 p.m.624 views

python, tkinter security update

CentOS Errata and Security Advisory CESA-2022:5235 An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7AI score0.23293EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2022/08/02 12:0 a.m.80 views

CentOS 7 : python (RHSA-2022:5235)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5235 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker contro...

9.8CVSS8.4AI score0.23293EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2022/06/29 12:0 a.m.68 views

Scientific Linux Security Update : python on SL7.x i686/x86_64 (2022:5235)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5235-1 advisory. - python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 - python-urllib3: CRLF injection via HTTP request method...

9.8CVSS7.7AI score0.23293EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2022/06/28 10:5 a.m.97 views

Moderate: Red Hat Security Advisory: python security update

An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7AI score0.23293EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.64 views

NewStart CGSL MAIN 6.02 : python3 Multiple Vulnerabilities (NS-SA-2022-0049)

The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by multiple vulnerabilities: - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTT...

9.8CVSS8.4AI score0.35963EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.46 views

AlmaLinux 8 : python3 (ALSA-2021:1633)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1633 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls...

9.8CVSS8.4AI score0.35963EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2021/11/12 12:0 a.m.47 views

Oracle Linux 8 : python38:3.8 (ELSA-2021-1879)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1879 advisory. - Security fix for CVE-2021-3177 Resolves: rhbz1919161 - Security fix for CVE-2020-26116 python-requests Tenable has extracted the preceding descriptio...

9.8CVSS7.4AI score0.23293EPSS
Exploits3References4
OSV
OSV
added 2021/10/22 5:58 p.m.14 views

CLSA-2021-1634925483 Fixed CVEs in python: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619

Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...

9.8CVSS6.9AI score0.08314EPSS
Exploits3References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/14 9:21 p.m.56 views

Security Bulletin: IBM Cognos Analytics with Watson 11.2.1 has addressed multiple vulnerabilities

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics with Watson 11.2.1 Vulnerability Details CVEID: CVE-2017-12620 DESCRIPTION: Apache OpenNLP could allow a remote attacker to obtain sensitive information, caused by an XXE attack when loading models or dictionaries that...

9.8CVSS10.6AI score0.48019EPSS
Exploits11Affected Software1
OpenVAS
OpenVAS
added 2021/09/11 12:0 a.m.22 views

Python < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.5 Python Issue (bpo-39603) - Mac OS X

http.client in Python is prone to CRLF injection. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

7.2CVSS7.6AI score0.0642EPSS
Exploits1References2
Rows per page
Query Builder