341 matches found
Cross site scripting
XSS exists in Webmin 1.941 and earlier affecting the Save function of the Read User Email Module / mailboxes Endpoint when attempting to save HTML emails. This module parses any output without sanitizing SCRIPT elements, as opposed to the View function, which sanitizes the input correctly. A...
CVE-2020-12670
XSS exists in Webmin 1.941 and earlier affecting the Save function of the Read User Email Module / mailboxes Endpoint when attempting to save HTML emails. This module parses any output without sanitizing SCRIPT elements, as opposed to the View function, which sanitizes the input correctly. A...
Information Disclosure
python is vulnerable to information disclosure. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address tha...
The vulnerability of the email module in the Python programming language allows a hacker to receive emails from addresses that should be blocked.
The vulnerability of the email module in the Python programming language interpreter exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to receive emails from addresses that should be blocked...
EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1275)
According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email modu...
Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2020-1044)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2019-2442)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2019-2115)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2020-1048)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.5.0 : python3 (EulerOS-SA-2020-1048)
According to the versions of the python3 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. Th...
EulerOS Virtualization for ARM 64 3.0.5.0 : python2 (EulerOS-SA-2020-1044)
According to the versions of the python2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. Th...
EulerOS 2.0 SP3 : python (EulerOS-SA-2019-2653)
According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly pars...
Amazon Linux 2 : python / python3 (ALAS-2019-1368)
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...
SUSE SLES12 Security Update : python (SUSE-SU-2019:2748-2)
This update for python fixes the following issues : Security issue fixed : CVE-2019-16056: Fixed a parser issue in the email module bsc1149955. CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py bsc1153238. Note that Tenable Network Security has extracted the preceding...
Security update for python3 (moderate)
openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2019:2453-1 Rating: moderate References: 1149121 1149792 1149955 1151490 1153238 Cross-References: CVE-2019-16056 CVE-2019-16935 Affected Products: openSUSE Leap 15.0 An update that solves two vulnerabilities and h...
EulerOS 2.0 SP5 : python (EulerOS-SA-2019-2225)
According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the servertitle field. This...
openSUSE Security Update : python3 (openSUSE-2019-2438)
This update for python3 to 3.6.9 fixes the following issues : Security issues fixed : - CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955 - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py bsc1153238. Non-security issues fixed : - Fixed regression of OpenS...
Amazon Linux AMI : python27 / python34,python35,python36 (ALAS-2019-1314)
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...
SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2019:2798-1)
This update for python3 fixes the following issues : CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955 CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server. bsc1141853 Note that Tenable Network Security has extracted the...
Medium: python27, python34, python35, python36
Issue Overview: An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on th...