6753 matches found
DEBIAN-CVE-2026-0672
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
CVE-2026-0672
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
CVE-2026-0672
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
AZL-75026 CVE-2026-0672 affecting package python3 for versions less than 3.12.9-8
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
CVE-2026-0672
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
UBUNTU-CVE-2026-0672
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
CVE-2026-0672
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
CVE-2026-0672 Header injection in http.cookies.Morsel
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
CVE-2026-0672
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
PSF-2026-5
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...
binary-parser library has a code injection vulnerability
A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without...
CVE-2026-0865 wsgiref.headers.Headers allows header newline injection
User-controlled header names and values containing newlines can allow injecting HTTP headers...
CVE-2026-0865
CVE-2026-0865: Python’s wsgiref.headers allows header newline injection via user-controlled header names/values. Affects CPython components handling HTTP headers; multiple OS vendors reference this in advisories (e.g., RHSA-2026:2128, USN-8018-1, ALSA-2026:2128, DLA-4455). Mitigation is to upgrad...
CVE-2026-0865
User-controlled header names and values containing newlines can allow injecting HTTP headers...
CVE-2026-1245
A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without...
CVE-2026-1245
A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without...
CVE-2026-1245
CVE-2026-1245 is a code-injection vulnerability in the binary-parser library, affecting versions prior to 2.3.0. The issue arises from unsanitized values used in parser field names or encoding parameters, which are directly interpolated into dynamically generated code (via the Function constructo...
MiracleLinux 8 : 389-ds:1.4 (AXSA:2024-8413:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8413:01 advisory. 389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars in logentryattr CVE-2024-1062 Tenable has extracted the...
transfig security update
1:3.2.6a-5 - Detect nan in spline control values - Fix for CVE-2025-46397...
An Optimized Decision Tree-Based Framework for Explainable IoT Anomaly Detection
The increase in the number of Internet of Things IoT devices has tremendously increased the attack surface of cyber threats thus making a strong intrusion detection system IDS with a clear explanation of the process essential towards resource-constrained environments. Nevertheless, current IoT ID...