Lucene search
K

159 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/10/07 7:42 a.m.7 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "eventlet-0.39.0-py3-none-any.whl, commons-lang3-3.17.0.jar, spring-core-6.2.10.jar" which is vulnerable to "CVE-2025-58068, CVE-2025-48924, CVE-2025-41249". This bulletin contains information regarding the vulnerability and how it is addressed...

9.1CVSS6.3AI score0.02164EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-57918

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00802EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26392

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.00363EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/09/25 12:0 a.m.5 views

Ubuntu: Security Advisory (USN-7772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.8AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.3 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : Eventlet vulnerability (USN-7772-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7772-1 advisory. It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to bypass front-en...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References2
OSV
OSV
added 2025/09/24 4:42 p.m.6 views

USN-7772-1 python-eventlet vulnerability

It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to bypass front-end security controls, launch targeted attacks against active site users, and poison web caches...

9.1CVSS5.9AI score0.00363EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2025/09/24 4:42 p.m.5 views

USN-7772-1: Eventlet vulnerability

It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to bypass front-end security controls, launch targeted attacks against active site users, and poison web caches...

9.1CVSS5.6AI score0.00363EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/09/15 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:03202-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.5AI score0.00363EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/13 12:0 a.m.4 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-eventlet (SUSE-SU-2025:03202-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03202-1 advisory. - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request...

9.1CVSS5.7AI score0.00363EPSS
Exploits0References4
OSV
OSV
added 2025/09/12 2:24 p.m.7 views

OESA-2025-2232 python-eventlet security update

Eventlet is a concurrent networking library for Python that allows you to change how you run your code, not how you write it. Security Fixes: Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to...

9.1CVSS6.8AI score0.00363EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/09/12 12:27 p.m.2 views

Security update for python-eventlet

This update for python-eventlet fixes the following issues: CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

6.5CVSS6.7AI score0.00363EPSS
Exploits0References4
OSV
OSV
added 2025/09/12 12:27 p.m.4 views

SUSE-SU-2025:03202-1 Security update for python-eventlet

This update for python-eventlet fixes the following issues: - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.6 views

Debian dla-4289 : python-eventlet-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4289 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4289-1 [email protected] https://www.debian.org/lts/security/...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/09/03 12:0 a.m.3 views

Debian: Security Advisory (DLA-4289-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.5AI score0.00363EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-58068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to imprope...

9.1CVSS5.5AI score0.00363EPSS
Exploits0References3
OSV
OSV
added 2025/09/02 3:38 p.m.4 views

SUSE-SU-2025:03051-1 Security update for python-eventlet

This update for python-eventlet fixes the following issues: - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/09/02 12:0 a.m.3 views

python311-eventlet-0.40.3-1.1 on GA media (moderate)

python311-eventlet-0.40.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15507-1 Rating: moderate Cross-References: CVE-2025-58068 CVSS scores: CVE-2025-58068 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2025-58068 SUSE : 6.3...

6.5CVSS7.3AI score0.00363EPSS
Exploits0
OSV
OSV
added 2025/09/02 12:0 a.m.1 views

DLA-4289-1 python-eventlet - security update

Bulletin has no description...

9.1CVSS7AI score0.00363EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/09/01 11:22 p.m.4 views

SUSE CVE-2025-58068

Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability could enable attackers to, bypass front-end security controls, launch targeted...

6.5CVSS6.8AI score0.00363EPSS
Exploits0References5
OSV
OSV
added 2025/09/01 12:0 a.m.7 views

OPENSUSE-SU-2025:15507-1 python311-eventlet-0.40.3-1.1 on GA media

These are all security issues fixed in the python311-eventlet-0.40.3-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.8AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder