Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2

Summary Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2 Vulnerability Details CVEID:CVE-2024-22415 DESCRIPTION: jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters +...

TencentOS Server 4: python-gevent (TSSA-2025:0214)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0214 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

EUVD-2023-0084

Malicious code in bioql PyPI...

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper handling of pywsgi Input.send100continue. An attacker could extract data or compromise data integrity by sending a request with an Expect: 100-continue header. Remediation Upgrade gevent to version...

CVE-2023-31147 affecting package python-gevent for versions less than 21.1.2-3

CVE-2023-31147 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

Security Bulletin: IBM Maximo Application Suite uses gevent-21.1.2-cp37-cp37m-manylinux2010_x86_64.whl which is vulnerable to CVE-2023-41419

Summary IBM Maximo Application Suite uses gevent-21.1.2-cp37-cp37m-manylinux2010x8664.whl which is vulnerable to CVE-2023-41419. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-41419 DESCRIPTION: Gevent could allow a remote attacker to...

Security Bulletin: Vulnerability in CloudPak for Watson AIOps. [CVE-2023-41419]

Summary Gevent vulnerability was addressed in IBM Cloud Pak for Watson AIOps version 4.2.1. CVE-2023-41419 Vulnerability Details CVEID:CVE-2023-41419 DESCRIPTION: Gevent could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the WSGIServer component. By using...

acedit (=1.0.0), ait-core (>=2.0.0 <=2.5.2) +410 more potentially affected by CVE-2023-41419 via gevent (>=0.13.6 <=23.7.0)

gevent PYPI version =0.13.6, =2.0.0, =2.0.0, =0.2.0, =1.2.23.5, =0.4.0, =3.1.0, =0.1.2, =1.0.0, =0.1.0, =1.0.1 - bavera =0.14.0 and more Source cves: CVE-2023-41419 Source advisory: OSV:GHSA-X7M3-JPRG-WC5G...

AZL-30058 CVE-2023-41419 affecting package python-gevent for versions less than 1.3.6-9

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component...

acedit (=1.0.0), ait-core (>=2.0.0 <=2.5.2) +410 more potentially affected by CVE-2023-41419 via gevent (>=0.13.6 <=23.7.0)

gevent PYPI version =0.13.6, =2.0.0, =2.0.0, =0.2.0, =1.2.23.5, =0.4.0, =3.1.0, =0.1.2, =1.0.0, =0.1.0, =1.0.1 - bavera =0.14.0 and more Source cves: CVE-2023-41419 Source advisory: OSV:PYSEC-2023-177...