13 matches found
Important: amazon-ecr-credential-helper
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
CVE-2024-48938
Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process...
Linux Distros Unpatched Vulnerability : CVE-2017-15705
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails...
Azure Linux 3.0 Security Update: python3 (CVE-2023-27043)
The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27043 advisory. - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special...
Medium: python3.11
Issue Overview: The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which...
Amazon Linux 2 : python3 (ALAS-2024-2687)
The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2687 advisory. The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion ...
SUSE-SU-2024:0437-1 Security update for python
This update for python fixes the following issues: - CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character bsc1210638...
SUSE-SU-2024:0436-1 Security update for python36
This update for python36 fixes the following issues: - CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character bsc1210638...
SUSE CVE-2019-16056
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...
USN-4918-3 clamav regression
USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to...
SUSE-SU-2020:0302-1 Security update for python36
This update for python36 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ signs bsc1149955. - CVE-2019-15903: Fixed a heap-based buffer...
OPENSUSE-SU-2020:0086-1 Security update for python3
This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ bsc1149955. - CVE-2019-15903: Fixed a heap-based buffer over-read i...
PGP4Pine 1.75.6/1.76 - 'Message Line' Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/7071/info A vulnerability has been discovered in PGP4Pine. The problem occurs when parsing an email message for PGP data. Due to insufficient bounds checking, when processing lines of excessive length, a buffer may be overrun. This would result in...