Lucene search
+L

4 matches found

osv
osv
added 2026/07/09 12:0 a.m.4 views

ALSA-2026:37436 Important: golang security, bug fix, and enhancement update

The golang packages provide the Go programming language compiler. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 os: golang: Go os.Root: Symlink following vulnerability allows directory traversal...

9.6CVSS6.3AI score0.00478EPSS
Exploits0References5
redhat
redhat
added 2019/06/13 12:39 p.m.7 views

python: Information Disclosure due to urlsplit improper NFKC normalization

It was discovered that python's functions urllib.parse.urlsplit and urllib.parse.urlparse do not properly handle URLs encoded with Punycode/Internationalizing Domain Names in Applications IDNA, which may result in a wrong domain name specifically the netloc component of URL - user@domain:port bei...

9.8CVSS6.7AI score0.09125EPSS
Exploits0References5
redhat
redhat
added 2019/04/16 1:0 p.m.6 views

python: Information Disclosure due to urlsplit improper NFKC normalization

It was discovered that python's functions urllib.parse.urlsplit and urllib.parse.urlparse do not properly handle URLs encoded with Punycode/Internationalizing Domain Names in Applications IDNA, which may result in a wrong domain name specifically the netloc component of URL - user@domain:port bei...

9.8CVSS6.7AI score0.09125EPSS
Exploits0References5
redhat
redhat
added 2019/04/16 12:59 p.m.7 views

python: Information Disclosure due to urlsplit improper NFKC normalization

It was discovered that python's functions urllib.parse.urlsplit and urllib.parse.urlparse do not properly handle URLs encoded with Punycode/Internationalizing Domain Names in Applications IDNA, which may result in a wrong domain name specifically the netloc component of URL - user@domain:port bei...

9.8CVSS6.7AI score0.09125EPSS
Exploits0References5
Rows per page
Query Builder