CVE-2026-0864

When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters \r the resulting file could be injected with unexpected keys and values if the attacker controls the written value...

EUVD-2026-38554

When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters \r the resulting file could be injected with unexpected keys and values if the attacker controls the written value...

CVE-2026-0864

The CVE-2026-0864 entry concerns Python’s configparser.write() and how it handles multi-line text values containing carriage return characters. The vulnerability arises when attacker-controlled values are written, potentially allowing injection of unexpected keys and values into the resulting con...

CVE-2026-0864 Configuration Injection via Carriage Return (\r) in write() method

When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters \r the resulting file could be injected with unexpected keys and values if the attacker controls the written value...

CVE-2026-44244

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...

DEBIAN-CVE-2026-44244

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...

GitPython 代码注入漏洞

GitPython is a Python library developed by gitpython-developers, designed for interacting with Git repositories. Versions of GitPython prior to 3.1.49 contained a code injection vulnerability. This vulnerability stemmed from the use of GitConfigParser.setvalue, which did not validate line endings...

CVE-2026-44244

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...

FreeBSD : Python -- configparser vulnerable to excessive CPU use (5ec4dcf6-3588-11f1-b51c-6dd25bec137b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5ec4dcf6-3588-11f1-b51c-6dd25bec137b advisory. Stan Ulbrych reports: configparser.RawConfigParser.OPTCRE,OPTCRENV regexes are vulnerable to quadratic...

Python -- configparser vulnerable to excessive CPU use

Stan Ulbrych reports: configparser.RawConfigParser.OPTCRE,OPTCRENV regexes are vulnerable to quadratic backtracking...

builder-addon-pca (>=0.0.1 <=0.0.3), configparser-crypt (>=0.6.2 <=1.1.0) +5 more potentially affected by CVE-2025-63675 via cryptidy (=1.2.4)

cryptidy PYPI version =1.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on cryptidy and may be impacted: - builder-addon-pca =0.0.1, =0.6.2, =1.4.0, =0.2.0, =2.2.0rc6, =0.9.0, =0.0.4, =1.0.6 Source cves: CVE-2025-63675 Source advisory:...

Security update for crmsh (moderate)

openSUSE Security Update: Security update for crmsh Announcement ID: openSUSE-SU-2020:1688-1 Rating: moderate References: 1163581 1176569 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for crmsh fixes the following issue...

Security update for crmsh (moderate)

openSUSE Security Update: Security update for crmsh Announcement ID: openSUSE-SU-2020:1678-1 Rating: moderate References: 1163581 1176569 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for crmsh fixes the following issue...

REST API Penetration Testing: Astra

REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra can automatically...

CVE-2024-33427

CVE-2024-33427 is rejected/not used; this CVE entry does not represent an active vulnerability.

CVE-2024-33427

Removed by vendor...