245 matches found
[SECURITY] Fedora 42 Update: python-starlette-0.47.3-2.fc42
Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: =E2=80=A2 A lightweight, low-complexity HTTP web framework. =E2=80=A2 WebSocket support. =E2=80=A2 In-process background tasks. =E2=80=...
[SECURITY] Fedora 43 Update: python-socketio-5.14.2-1.fc43
Socket.IO is a transport protocol that enables real-time bidirectional event-based communication between clients typically, though not always, web browsers and a server. The official implementations of the client and server components are written in JavaScript. This package provides Python...
[SECURITY] Fedora 42 Update: python-socketio-5.14.1-1.fc42
Socket.IO is a transport protocol that enables real-time bidirectional event-based communication between clients typically, though not always, web browsers and a server. The official implementations of the client and server components are written in JavaScript. This package provides Python...
EUVD-2025-29506
Malicious code in bioql PyPI...
EUVD-2024-1830
Malicious code in bioql PyPI...
EUVD-2023-0007
Malicious code in bioql PyPI...
EUVD-2024-50718
Malicious code in bioql PyPI...
EUVD-2023-0223
Malicious code in bioql PyPI...
GHSA-Q77W-MWJJ-7MQX Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start
Summary Using asyncio.unixevents.UnixSubprocessTransport.start function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...
Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start
Summary Using asyncio.unixevents.UnixSubprocessTransport.start function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...
Linux Distros Unpatched Vulnerability : CVE-2024-12254
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not pause writing and signal to the Protocol to drain the buffer to the...
BIT-LIBPYTHON-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()
Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...
BELL-CVE-2025-38098
Bulletin has no description...
K000149683: Python asyncio vulnerability CVE-2024-12254
Security Advisory Description Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodicall...
BIT-PYTHON-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()
Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...
BIT-PYTHON-MIN-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()
Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...
Important: python3.12
Issue Overview: Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the...
Important: python3.12
Issue Overview: Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the...
Ubuntu 24.04 LTS / 24.10 : Python vulnerability (USN-7219-1)
The remote Ubuntu 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7219-1 advisory. It was discovered that Python incorrectly handled asyncio write buffers. A remote attacker could possibly use this issue to cause Python to consume memory...
USN-7219-1 python3.12 vulnerability
It was discovered that Python incorrectly handled asyncio write buffers. A remote attacker could possibly use this issue to cause Python to consume memory, leading to a denial of service...