[SECURITY] Fedora 40 Update: python-openapi-core-0.19.4-3.fc40

Openapi-core is a Python library that adds client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specification...

Malicious code in pycolorlib (PyPI)

--- -= Per source details. Do not edit below this line.=-...

urllib3: proxy-authorization request header is not stripped during cross-origin redirects

A flaw was found in urllib3, an HTTP client library for Python. In certain configurations, urllib3 does not treat the Proxy-Authorization HTTP header as one carrying authentication material. This issue results in not stripping the header on cross-origin redirects...

[SECURITY] [DSA 5791-1] python-reportlab security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5791-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 13, 2024 https://www.debian.org/security/faq -...

PYSEC-2024-168

Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advis...

CVE-2024-47833

Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advis...

CVE-2024-47833 Session Cookie without Secure and HTTPOnly flags in taipy

Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advis...

PYSEC-2024-109

DeepSpeed Remote Code Execution Vulnerability...

CLSA-2024-1728071619 python: Fix of 2 CVEs

CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value - CVE-2024-6232: fix regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing and was vulnerable to ReDoS via specifically-crafted tar...

Tensorflow-hub Detection

A Tensorflow-hub Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208141; scriptversion"1.6";...

Google AI Platform (VertexAI SDK) Detection

A Google AI Platform Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208126; scriptversion"1.5";...

AIM Detection

An AIM Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'xcompat.inc'; if description scriptid208127; scriptversion"1.5";...

Weights & Biases Detection

A Weights & Biases Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208133; scriptversion"1.6";...

H2O Module Detection

A H2O Python Module is installed on the remote host. H2O is an open source, in-memory, distributed, fast, and scalable machine learning and predictive analytics platform that allows you to build machine learning models on big data and provides easy productionalization of those models in an...

NVIDIA TensorRT Detection

The Open Source Software OSS components of the NVIDIA TensorRT Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208130;...

Strawberry GraphQL 跨站请求伪造漏洞

Strawberry GraphQL is a Python GraphQL library utilizing type annotations in the Strawberry GraphQL open source. A cross-site request forgery vulnerability exists in Strawberry GraphQL versions prior to 0.243.0, which stems from vulnerability to cross-site request forgery CSRF attacks...

The vulnerability of the Py_FindObjects() function in the Python programming language library, which is open-source and part of scipy, allows a attacker to compromise the confidentiality, integrity, and accessibility of the system.

The vulnerability of the PyFindObjects function in the Python programming language library, which is open-source and part of scipy, relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and accessibility ...

The vulnerability of the Py_FindObjects() function in the Python programming language library, which is open-source and part of the scipy library, allows a hacker to trigger a denial-of-service attack.

The vulnerability of the PyFindObjects function in the Python programming language library, which is open-source and part of scipy, stems from the lack of memory release after its effective lifespan. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2022-42969

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS Regular expression Denial of Service attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not bein...

CLSA-2024-1726058763 python3: Fix of CVE-2024-6923

CVE-2024-6923: encode newlines in headers, verify headers are well-formed...