Lucene search

443 matches found

vulnersOsv
added 2019/01/09 11:29 p.m., 1 view

cklauth (>=0.1.0 <=0.3.0), dj-saml-idp (>=1.1.0 <=1.2.1) +18 more potentially affected by CVE-2019-3498 via django (>=2.0.0 <=2.0.1)

django PYPI version =2.0.0, =0.1.0, =1.1.0, =4.3.1, =1.2.7, =0.1.0, =1.7.0, =0.0.3, =0.0.20, =0.1.0 - djangotheming =0.1.0 - fastaudiovisal =0.0.1 - fastaudiovisual =0.0.1 and more Source cves: CVE-2019-3498 Source advisory: OSV:PYSEC-2019-17...

CVSS 6.5, AI score 6.7, EPSS 0.00522
Exploits: 0
OSV
added 2018/10/16 9:6 a.m., 6 views

SUSE-SU-2018:3156-1 Security update for python

This update for python fixes the following issue: - CVE-2018-14647: Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause...

CVSS 7.5, AI score 8.2, EPSS 0.01247
Exploits: 0, References: 3
OSV
added 2018/10/04 12:17 p.m., 8 views

SUSE-SU-2018:3002-1 Security update for python

This update for python fixes the following issue: - CVE-2018-1000802: Prevent command injection in shutil module makearchive function via passage of unfiltered user input bsc1109663...

CVSS 9.8, AI score 9.8, EPSS 0.26492
Exploits: 1, References: 3
Tenable Nessus
added 2018/09/27 12:0 a.m., 35 views

Debian DLA-1519-1 : python2.7 security update

Multiple vulnerabilities were found in the CPython interpreter which can cause denial of service, information gain, and arbitrary code execution. CVE-2017-1000158 CPython aka Python is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-base...

CVSS 9.8, AI score 7.2, EPSS 0.26492
Exploits: 2, References: 6
OSV
added 2018/08/17 8:41 a.m., 8 views

SUSE-SU-2018:2408-1 Security update for python

This update for python-base fixes the following issues: Security issues fixed: - CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.ISLINEJUNK method in difflib bsc1088004. - CVE-2018-1060: Fixed DoS via regular expression catastrophic backtracking in apop method in pop3lib...

CVSS 10, AI score 8.9, EPSS 0.45123
Exploits: 2, References: 8
Oracle linux
added 2018/07/03 12:0 a.m., 67 views

python security update

2.7.5-69.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-70 - Remove 3DS cipher to mitigate CVE-2016-2183 sweet32. Resolves: rhbz1584545...

CVSS 7.5, AI score 2.1, EPSS 0.40993
Exploits: 7
OSV
added 2018/05/22 4:31 p.m., 5 views

SUSE-SU-2018:1372-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2017-1000158: Fixed integer overflows in PyStringDecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution bsc1068664. - CVE-2018-1000030: Fixed crash inside the...

CVSS 9.8, AI score 7.7, EPSS 0.0359
Exploits: 0, References: 5
Tenable Nessus
added 2018/04/27 12:0 a.m., 46 views

Amazon Linux AMI : python34 / python35,python36,python27 (ALAS-2018-1003)

DOS via regular expression catastrophic backtracking in apop method in pop3lib A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service. CVE-2018-1060 DOS via regular expression backtracking...

CVSS 7.5, AI score 6.1, EPSS 0.01779
Exploits: 1, References: 3
OSV
added 2018/04/09 12:0 a.m., 6 views

DLA-1283-2 python-crypto - security update

Bulletin has no description...

AI score 7.2
Exploits: 0
OSV
added 2018/03/22 7:20 a.m., 5 views

SUSE-SU-2018:0768-1 Security update for python

This update for python fixes the following issues: - CVE-2017-1000158: Fixed integer overflow in the PyStringDecodeEscape function bsc1068664...

CVSS 9.8, AI score 9.6, EPSS 0.0359
Exploits: 0, References: 3
Kitploit
added 2018/01/20 1:23 p.m., 19 views

Autorize - Automatic Authorization Enforcement Detection Extension For Burp Suite

Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert, and Federico Dotta, a security expert at Mediaservice.net. Autorize was designed to help security testers by performing automatic...

AI score 7.4
Exploits: 0, References: 1
OSV
added 2017/09/05 12:41 p.m., 4 views

SUSE-SU-2017:2350-1 Security update for python-pycrypto

This update for python-pycrypto fixes the following issues: - CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew bsc1017420. python-paramiko was adjusted to work together with this python-pycrypto change. bsc1047666...

CVSS 9.8, AI score 9.7, EPSS 0.13624
Exploits: 1, References: 4
Cent OS
added 2017/05/26 2:33 a.m., 150 views

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2017:1308 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS 9.3, AI score 6.6, EPSS 0.87
Exploits: 18, References: 7
OSV
added 2017/04/05 12:0 a.m., 28 views

DLA-885-1 python-django - security update

Bulletin has no description...

CVSS 6.1, AI score 6.5, EPSS 0.00747
Exploits: 2
Cent OS
added 2017/01/12 3:47 p.m., 107 views

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2017:0036 An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVSS 10, AI score 6.8, EPSS 0.13687
Exploits: 6, References: 7
OSV
added 2017/01/12 12:0 a.m., 13 views

DSA-3759-1 python-pysaml2 - security update

Bulletin has no description...

CVSS 7.5, AI score 7.5, EPSS 0.00968
Exploits: 0
OSV
added 2016/11/18 11:42 a.m., 5 views

SUSE-SU-2016:2859-1 Security update for python3

This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTPPROXY environment variable based on user supplied Proxy request header. bsc989523 - CVE-2016-0772: A...

CVSS 10, AI score 7.2, EPSS 0.45123
Exploits: 7, References: 12
Oracle linux
added 2016/11/09 12:0 a.m., 63 views

python security, bug fix, and enhancement update

2.7.5-48.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-48 - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359164 2.7.5-47 - Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.getdata Resolves: rhbz1356364 2.7.5-46 - Drop patch 2...

CVSS 10, AI score 0.5, EPSS 0.45123
Exploits: 7
OSV
added 2016/10/26 1:22 p.m., 8 views

SUSE-SU-2016:2653-1 Security update for python3

This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTPPROXY environment variable based on user supplied Proxy request header. bsc989523 - CVE-2016-0772: A...

CVSS 10, AI score 7.2, EPSS 0.45123
Exploits: 7, References: 12
Hacker One
added 2016/10/08 8:55 a.m., 24 views

Internet Bug Bounty: Information disclosure in mmap module - python 2.7.12

First thing first, the report was sent to python's security mailing list on the 27.8.16 and was fixed by benjamin on the 5.10.16 rev 144f10202076, and acknowledged by me today 8.10.16. In a security audit I made to the mmap module in python 2.7.12, I have found a major information leak...

AI score 6.4
Exploits: 0