Astra Linux - уязвимость в python-bottle

Fix the issue before 0.12.20: handling errors during early request binding...

LlamaIndex 操作系统命令注入漏洞

LlamaIndex is a data framework for LLM applications in the LlamaIndex open source. An OS command injection vulnerability exists in LlamaIndex version v0.12.20, which stems from improper handling of the files parameter and could lead to OS command injection...

CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

PYSEC-2022-227

Bottle before 0.12.20 mishandles errors during early request binding...

CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding, exposing a vulnerability that can disclose sensitive information. Public advisories confirm affected software: python-bottle up to 0.12.19/0.12.20. Debian security notes (DSA and DLA) describe the issue and recommend upgrading ...

CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

PT-2022-7348 · Bottle +6 · Bottle +6

Name of the Vulnerable Software and Affected Versions: Bottle versions prior to 0.12.20 Description: The issue is related to uncontrolled resource consumption and mishandling of errors during early request binding. This can allow a remote attacker to cause a denial of service. Recommendations: Fo...

AZL-36960 CVE-2018-10195 affecting package lrzsz 0.12.20-50

lrzsz before version 0.12.21rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a sizet to wrap around...