Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

Amazon Linux 2 : python, --advisory ALAS2-2026-3280 (ALAS-2026-3280)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3280 advisory. Mitgation of CVE-2026-4519 was incomplete. If the URL contained %action the mitigation could be bypassed for certain brows...

📄 CairoSVG Denial of Service

CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability. CVE-2026-31899: Exponential DoS via Recursive Element Amplification in CairoSVG Keywords: CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification,...

TencentOS Server 2: python (TSSA-2026:0281)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0281 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

pic-rucio (>=0.0.1 <=2024.10.3.71620) potentially affected by CVE-2026-29090 via rucio (=1.30.5)

rucio PYPI version =1.30.5 is affected by a known vulnerability. The following packages have a transitive dependency on rucio and may be impacted: - pic-rucio =0.0.1, =2024.10.3.71620 Source cves: CVE-2026-29090 Source advisory: SNYK:PYTHON-RUCIO-16635087...

Important: Red Hat Security Advisory: updated RHEL-8 based Middleware Containers container images

Updated RHEL-8 based Middleware Containers container images are now available The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2026:11077 RHSA-2026:7667 RHSA-2026:8534 RHSA-2026:9745 see References Security Fixes: rsync:...

ROS-20260505-73-0068

A vulnerability in the base64 module of the Python programming language interpreter is related to incorrect data type conversion. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0041

Vulnerability in python3.10 related to failure to take measures to neutralize crlf sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0043

Vulnerability in python3.12 related to failure to take measures to neutralize crlf sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0040

Vulnerability in python3 related to failure to take measures to neutralize crlf sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0033

A vulnerability in the Content-Length component of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0053

A vulnerability in the http.cookies.Morsel component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

ROS-20260505-73-0048

A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...

ROS-20260505-73-0047

A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...

ROS-20260505-73-0020

A vulnerability in the os.path.expandvars function of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260505-73-0006

Vulnerability in python3.10 related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0026

A vulnerability in the appendChild and clearidcache functions of the Python programming language interpreter CPython is related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...