
208 matches found

AstraLinux
added 2026/06/24 3:11 p.m. | 6 views

Astra Linux – Vulnerability in Python 3.11

User-controlled header names and values containing newlines can allow for the injection of HTTP headers...

CVSS 5.9 | AI score 6.7 | EPSS 0.00463
Exploits: 0 | References: 3

AstraLinux
added 2026/06/24 3:11 p.m. | 10 views

Astra Linux – Vulnerability in Python 3.11

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially leading to Out-of-Memory errors or other types of...

CVSS 7.5 | AI score 7.5 | EPSS 0.01525
Exploits: 0 | References: 3

AstraLinux
added 2026/06/19 11:10 a.m. | 6 views

Astra Linux – Vulnerability in Python 3.11

When using TarFile.errorlevel = 0 and extracting with a filter, the documented behavior is that any filtered members would be skipped and not extracted. However, the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member will still be extracted and not skipped...

CVSS 7.5 | AI score 6.5 | EPSS 0.00474
Exploits: 1 | References: 2

RedHat Linux
added 2026/06/16 7:53 a.m. | 8 views

Important: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

CVSS 9.1 | AI score 6.4 | EPSS 0.00579
Exploits: 0 | References: 3

Snyk
added 2026/06/11 3:20 p.m. | 13 views

Directory Traversal

Overview: keras is a high-level neural networks API for Python. Affected versions of this package are vulnerable to Directory Traversal via the filter_safe_tarinfos and filter_safe_zipinfos functions in the archive extraction utilities. An attacker can write arbitrary files outside the...

CVSS 8.6 | AI score 6.2 | EPSS 0.00518
Exploits: 1 | References: 2

EUVD
added 2026/06/11 1:31 p.m. | 9 views

EUVD-2026-36244

Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in keras/src/utils/file_utils.py. The functions filter_safe_tarinfos and filter_safe_zipinfos validate archive member paths against the process current working directory (CWD) instead of t...

CVSS 8.1 | AI score 7.6 | EPSS 0.00518
Exploits: 1 | References: 2

Vulnrichment
added 2026/06/11 1:31 p.m. | 9 views

CVE-2026-11816 Path Traversal in keras-team/keras

Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in keras/src/utils/file_utils.py. The functions filter_safe_tarinfos and filter_safe_zipinfos validate archive member paths against the process current working directory (CWD) instead of t...

CVSS 8.1 | AI score 7.6 | EPSS 0.00518
Exploits: 1 | References: 2

SUSE Linux
added 2026/06/03 2:21 p.m. | 5 views

Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554). Other updates and bugfixes: Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700); Harden Torna...

CVSS 8.7 | AI score 7.2 | EPSS 0.00375
Exploits: 0 | References: 16

OSV
added 2026/06/03 2:16 p.m. | 7 views

SUSE-SU-2026:2252-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259554). Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 (bsc#1257583, bsc#1259700) - Harden...

CVSS 8.7 | AI score 5.8 | EPSS 0.00375
Exploits: 0 | References: 8

RedHat Linux
added 2026/05/19 1:45 p.m. | 13 views

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 5.9 | AI score 7.1 | EPSS 0.00463
Exploits: 0 | References: 3

OSV
added 2026/05/19 12:00 a.m. | 17 views

ALSA-2026:19175 Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 9.1 | AI score 7.3 | EPSS 0.00579
Exploits: 0 | References: 8

AlmaLinux
added 2026/05/19 12:00 a.m. | 23 views

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 9.1 | AI score 7.3 | EPSS 0.00579
Exploits: 0 | References: 8

OSV
added 2026/05/15 6:25 p.m. | 5 views

GHSA-MQ5J-PW29-JCV3 Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`

Summary: Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by `apm install` on supported Python 3.10 and 3.11 runtimes. When `apm install` is given a local .tar.gz that is not recognized as a plugin-format bundle, APM probes whether it is a...

CVSS 5.5 | AI score 6.1 | EPSS 0.0061
Exploits: 0 | References: 5

OSV
added 2026/05/12 12:00 a.m. | 5 views

OPENSUSE-SU-2026:10758-1 python311-GitPython-3.1.49-1.1 on GA media

These are all security issues fixed in the python311-GitPython-3.1.49-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 8.8 | AI score 5.8 | EPSS 0.00719
Exploits: 3 | References: 3

OSV
added 2026/05/06 10:05 a.m. | 6 views

RHSA-2026:13692 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

CVSS 8.1 | AI score 7.4 | EPSS 0.00579
Exploits: 0 | References: 20

Redos
added 2026/05/05 12:00 a.m. | 7 views

ROS-20260505-73-0057

Vulnerability in python3.11 related to insufficient neutralization of special elements in a request. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 5.9 | AI score 7.5 | EPSS 0.00463
Exploits: 0

Tenable Nessus
added 2026/04/30 12:00 a.m. | 15 views

Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2026-1620)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1620 advisory. The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control...

CVSS 9.1 | AI score 5.9 | EPSS 0.00621
Exploits: 0 | References: 10

Amazon
added 2026/04/30 12:00 a.m. | 11 views

Important: python3.11

Issue Overview: The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output lacked the output...

CVSS 9.1 | AI score 4.7 | EPSS 0.00621
Exploits: 0

OSV
added 2026/04/29 6:00 a.m. | 7 views

RLSA-2026:11062 Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVSS 8.1 | AI score 6.1 | EPSS 0.00579
Exploits: 0 | References: 3

Tenable Nessus
added 2026/04/29 12:00 a.m. | 6 views

RockyLinux 8 : python3.11 (RLSA-2026:11062)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:11062 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100) python: cpython: Python:...

CVSS 9.1 | AI score 6.2 | EPSS 0.00579
Exploits: 0 | References: 5