ROS-20250812-01

A vulnerability in the Guzzle HTTP client library of the PHP programming language interpreter is related to an incorrectly implemented security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information Vulnerability i...

Azure Linux 3.0 Security Update: python-urllib3 / python3 (CVE-2025-50181)

The version of python-urllib3 / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-50181 advisory. - urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible ...

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2025-1096)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1096 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disab...

Security Bulletin: IBM QRadar Investigation Assistant app for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Investigation Assistant app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-50181 DESCRIPTION: urllib3 is ...

NewStart CGSL MAIN 7.02 : python-urllib3 Multiple Vulnerabilities (NS-SA-2025-0157)

The remote NewStart CGSL host, running version MAIN 7.02, has python-urllib3 packages installed that are affected by multiple vulnerabilities: - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing...

Amazon Linux 2 : python3-urllib3 (ALAS-2025-2916)

The version of python3-urllib3 installed on the remote host is prior to 1.25.6-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2916 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all...

Amazon Linux 2 : python-urllib3 (ALAS-2025-2915)

The version of python-urllib3 installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2915 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all...

Malicious code in realtime-client-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 949f22e5098ca5aee7073d984f9abc9e0e2fa8624224f842af24e4548844dfd7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OESA-2025-1700 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

OESA-2025-1697 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

CVE-2025-50182

urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means...

UBUNTU-CVE-2025-50182

urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means...

CVE-2025-50182 urllib3 does not control redirects in browsers and Node.js

urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means...

CVE-2025-50181

urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attemptin...

OESA-2025-1568 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

OESA-2025-1565 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

ALSA-2025:8126 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server CVE-2025-32049 libsoup: OOB Read on libsoup through function...

CVE-2013-3927

Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging read access...