Lucene search
K

424 matches found

RedHat Linux
RedHat Linux
added 2026/04/02 12:7 p.m.7 views

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

6CVSS6.8AI score0.0056EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/02 12:7 p.m.10 views

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6CVSS7AI score0.0056EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/02 12:0 a.m.7 views

RHEL 7 : python3 (RHSA-2026:6464)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6464 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

6CVSS7.2AI score0.0056EPSS
Exploits0References9
OSV
OSV
added 2026/03/31 9:13 a.m.4 views

SUSE-SU-2026:20951-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting bsc1257181. - CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader bsc1259240...

6CVSS7.1AI score0.0056EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/31 9:11 a.m.10 views

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

6CVSS5.8AI score0.0056EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/03/31 9:11 a.m.5 views

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

6CVSS5.9AI score0.0056EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.6 views

RHEL 9 : python3.11 (RHSA-2026:6253)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6253 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

6CVSS7.1AI score0.0056EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/03/30 11:1 a.m.9 views

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syst...

6CVSS7AI score0.0056EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.6 views

RHEL 8 : python3 (RHSA-2026:6008)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6008 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

6CVSS6AI score0.0056EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/03/28 9:27 a.m.46 views

CVE-2026-2442 Pagelayer <= 2.0.7 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email'

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 2.0.7. This is due to the contact form handler performing placeholder substitution on...

5.3CVSS0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/28 9:27 a.m.4 views

CVE-2026-2442 Pagelayer <= 2.0.7 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email'

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Improper Neutralization of CRLF Sequences 'CRLF Injection' in all versions up to, and including, 2.0.7. This is due to the contact form handler performing placeholder substitution on...

5.3CVSS6AI score0.00297EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/03/28 1:44 a.m.7 views

WordPress Pagelayer plugin <= 2.0.7 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email' vulnerability

Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email' vulnerability discovered by Drew Webber mcdruid in WordPress Plugin PageLayer versions = 2.0.7...

5.3CVSS5.9AI score0.00297EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/28 12:0 a.m.5 views

PT-2026-28338

Name of the Vulnerable Software and Affected Versions Page Builder: Pagelayer versions up to and including 2.0.7 Description The Page Builder: Pagelayer WordPress plugin is susceptible to CRLF Injection due to improper handling of Carriage Return and Line Feed characters in the contact form...

5.3CVSS6AI score0.00297EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.17 views

SUSE SLES15: libpython3_11-1_0 / python311 / python311-base / python311-curses / etc (SUSE-SU-2026:1117-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1117-1 advisory. Update to python 3.11.15: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injectio...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References31
Rockylinux
Rockylinux
added 2026/03/27 12:7 p.m.10 views

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

6CVSS5.9AI score0.0056EPSS
Exploits0
OSV
OSV
added 2026/03/27 12:7 p.m.7 views

RLSA-2026:4713 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.1CVSS7.1AI score0.0056EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.6 views

RockyLinux 10 : python3.12 (RLSA-2026:4713)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4713 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: IMAP command injection in user-controlled commands...

6CVSS7.2AI score0.0056EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.6 views

CVE-2026-22204

wpDiscuz before 7.6.47 contains an email header injection vulnerability that allows attackers to manipulate mail recipients by injecting malicious data into the commentauthoremail cookie. Attackers can craft a malicious cookie value that, when processed through urldecode and passed to wpmail...

6.3CVSS5.8AI score0.00221EPSS
Exploits0References1
OSV
OSV
added 2026/03/26 10:36 a.m.6 views

SUSE-SU-2026:1062-1 Security update for python310

This update for python310 fixes the following issues: Update to Python 3.10.20: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

7.5CVSS7AI score0.01525EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2026/03/23 4:6 p.m.6 views

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

6CVSS7.1AI score0.0056EPSS
Exploits0References4
Rows per page
Query Builder