Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Python marshmallow vulnerabilities (USN-8225-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8225-1 advisory. Jared Deckard discovered that Python marshmallow did not correctly handle hiding certain fields. An...

USN-8225-1 python-marshmallow vulnerabilities

Jared Deckard discovered that Python marshmallow did not correctly handle hiding certain fields. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2018-17175 It was discovered that Python marshmallow did not efficiently handle...

USN-8225-1: Python marshmallow vulnerabilities

Jared Deckard discovered that Python marshmallow did not correctly handle hiding certain fields. An attacker could possibly use this issue to leak sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2018-17175 It was discovered that Python marshmallow did not efficiently handle...

Malicious code in marshmellow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dbf6f50353e6489a831a2575831b93fd5f99a9cbd60cc30260fd13838beda73f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

SUSE: Security Advisory (SUSE-SU-2026:20130-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 16 Security Update : python-marshmallow (openSUSE-SU-2026:20087-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20087-1 advisory. - CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473. Tenable has extracted the preceding description block directly fr...

openSUSE Security Advisory (SUSE-SU-2026:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : python-marshmallow (SUSE-SU-2026:0226-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0226-1 advisory. - CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473. Tenable has extracted the preceding...

OPENSUSE-SU-2026:20087-1 Security update for python-marshmallow

This update for python-marshmallow fixes the following issues: - CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473...

SUSE-SU-2026:20130-1 Security update for python-marshmallow

This update for python-marshmallow fixes the following issues: - CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473...

Security update for python-marshmallow

This update for python-marshmallow fixes the following issues: CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

SUSE-SU-2026:0226-1 Security update for python-marshmallow

This update for python-marshmallow fixes the following issues: - CVE-2025-68480: Fixed possible DoS when using Schema.loaddata, many=True bsc1255473...

CVE-2017-18654

An issue was discovered on Samsung mobile devices with M6.0 and N7.0, 7.1 software. An unauthenticated attacker can register a new security certificate. The Samsung ID is SVE-2017-9659 September 2017...

python311-marshmallow-3.26.2-1.1 on GA media (moderate)

python311-marshmallow-3.26.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10003-1 Rating: moderate Cross-References: CVE-2025-68480 CVSS scores: CVE-2025-68480 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-68480 SUSE : 6.3...

OPENSUSE-SU-2026:10003-1 python311-marshmallow-3.26.2-1.1 on GA media

These are all security issues fixed in the python311-marshmallow-3.26.2-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2025-68480

Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.loaddata, many=True is vulnerable to denial of service attacks. A moderately sized request can consume a...

MAL-2025-192767 Malicious code in elf-stats-festive-marshmallow-962 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cb48626e43f888d82ef44f9858aa769226eee250a74781f42ab2e6e9b3714d7 The package elf-stats-festive-marshmallow-962 was found to contain malicious code...

Malicious code in elf-stats-festive-marshmallow-962 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cb48626e43f888d82ef44f9858aa769226eee250a74781f42ab2e6e9b3714d7 The package elf-stats-festive-marshmallow-962 was found to contain malicious code...

EUVD-2025-204908

Malicious code in elf-stats-festive-marshmallow-962 npm...

Linux Distros Unpatched Vulnerability : CVE-2025-68480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0...