ROOT-APP-PYPI-CVE-2025-58068 CVE-2025-58068 in rootio-eventlet - Patched by Root

Root has patched CVE-2025-58068 in the rootio-eventlet package for Root:PyPI. Multiple fixed versions available...

RHCOS 4 : OpenShift Container Platform 4.8.2 (RHSA-2021:2437)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2437 advisory. - golang: crypto/elliptic: incorrect operations on the P-224 curve CVE-2021-3114 - gogo/protobuf: plugin/unmarshal/unmarshal.go lack...

RHCOS 9 : OpenShift Container Platform 4.12.41 (RHSA-2023:6128)

The remote Red Hat Enterprise Linux CoreOS 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6128 advisory. - python-eventlet: patch regression for CVE-2021-21419 in some Red Hat builds CVE-2023-5625 Note that Nessus has not tested for this issue bu...

Astra Linux - уязвимость в python-eventlet

Eventlet is a concurrent networking library for Python. A WebSocket peer may exhaust memory on the Eventlet side by sending very large WebSocket frames. A malicious peer may also exhaust memory on the Eventlet side by sending highly compressed data frames. A patch in version 0.31.0 restricts...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.57 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.57 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

RHSA-2026:1959 Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (python-eventlet) security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (python-eventlet) security update

An update for python-eventlet is now available for Red Hat OpenStack Services on OpenShift 18.0 Antelope. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

python-eventlet: Eventlet HTTP request smuggling

A request smuggling flaw was found in the Eventlet PyPI library. The Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability allows attackers to bypass front-end security controls, launch targeted attacks against active si...

RHEL 9 : Red Hat OpenStack Services on OpenShift 18.0 (python-eventlet) (RHSA-2026:1959)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:1959 advisory. Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining high...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.21.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.15.61 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.61 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.48 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.48 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.18.32 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.20.11 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.11 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

Unity Linux 20.1070e Security Update: python-eventlet (UTSA-2026-000486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000486 advisory. A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not...

SUSE SLES15 Security Update : python-eventlet (SUSE-SU-2025:03051-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03051-1 advisory. - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994. Tenable has extracted the...

Security Bulletin: Eventlet Pre-0.40.3 HTTP Trailer Parsing Flaw Enables HTTP Request Smuggling

Summary Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability could enable attackers to, bypass front-end security controls, launch...

ROS-20251112-08

A vulnerability in the Python Eventlet network concurrency library is related to an incorrect HTTP request validation in the WSGI parser. Exploitation of the vulnerability could allow an attacker acting remotely to perform HTTP spoofing attacks. remotely to perform HTTP request spoofing attacks...

Security Bulletin: IBM Maximo Application Suite uses eventlet-0.40.1-py3-none-any.whl, commons-lang3-3.17.0.jar, net/http/internal 1.23.4 which is vulnerable to CVE-2025-58068, CVE-2025-48924, CVE-2025-22871

Summary IBM Maximo Application Suite uses eventlet-0.40.1-py3-none-any.whl, commons-lang3-3.17.0.jar, net/http/internal 1.23.4 which is vulnerable to CVE-2025-58068, CVE-2025-48924, CVE-2025-22871. This bulletin contains information regarding the vulnerability and how it is addressed. Vulnerabili...

eventlet before 0.35.2 as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in whic...