Lucene search
K

245 matches found

Fedora
Fedora
added 2025/11/07 1:30 a.m.5 views

[SECURITY] Fedora 42 Update: python-starlette-0.47.3-2.fc42

Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: =E2=80=A2 A lightweight, low-complexity HTTP web framework. =E2=80=A2 WebSocket support. =E2=80=A2 In-process background tasks. =E2=80=...

7.5CVSS7AI score0.00638EPSS
Exploits0
Fedora
Fedora
added 2025/10/25 9:20 p.m.9 views

[SECURITY] Fedora 43 Update: python-socketio-5.14.2-1.fc43

Socket.IO is a transport protocol that enables real-time bidirectional event-based communication between clients typically, though not always, web browsers and a server. The official implementations of the client and server components are written in JavaScript. This package provides Python...

6.4CVSS7AI score0.00446EPSS
Exploits0
Fedora
Fedora
added 2025/10/11 12:58 a.m.11 views

[SECURITY] Fedora 42 Update: python-socketio-5.14.1-1.fc42

Socket.IO is a transport protocol that enables real-time bidirectional event-based communication between clients typically, though not always, web browsers and a server. The official implementations of the client and server components are written in JavaScript. This package provides Python...

6.4CVSS7AI score0.00446EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29506

Malicious code in bioql PyPI...

6.6AI score
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1830

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.00228EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0007

Malicious code in bioql PyPI...

5.3CVSS5.8AI score0.0094EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50718

Malicious code in bioql PyPI...

8.7CVSS7.8AI score0.0188EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0223

Malicious code in bioql PyPI...

6.5CVSS5.9AI score0.01034EPSS
Exploits0References11
OSV
OSV
added 2025/08/26 9:40 p.m.3 views

GHSA-Q77W-MWJJ-7MQX Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start

Summary Using asyncio.unixevents.UnixSubprocessTransport.start function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...

8.1CVSS7.9AI score0.00555EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/08/26 9:40 p.m.8 views

Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start

Summary Using asyncio.unixevents.UnixSubprocessTransport.start function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...

7.9AI score
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-12254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not pause writing and signal to the Protocol to drain the buffer to the...

8.7CVSS8AI score0.0188EPSS
Exploits0References2
OSV
OSV
added 2025/08/11 1:52 p.m.4 views

BIT-LIBPYTHON-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7CVSS7.2AI score0.0188EPSS
Exploits0References9
OSV
OSV
added 2025/07/03 7:47 p.m.2 views

BELL-CVE-2025-38098

Bulletin has no description...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2025/02/06 8:2 p.m.10 views

K000149683: Python asyncio vulnerability CVE-2024-12254

Security Advisory Description Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodicall...

8.7CVSS7.9AI score0.0188EPSS
Exploits0
OSV
OSV
added 2025/02/06 12:33 p.m.149 views

BIT-PYTHON-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7CVSS7.6AI score0.0188EPSS
Exploits0References9
OSV
OSV
added 2025/02/06 12:33 p.m.9 views

BIT-PYTHON-MIN-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7CVSS7.6AI score0.0188EPSS
Exploits0References9
Amazon
Amazon
added 2025/01/24 12:0 a.m.4 views

Important: python3.12

Issue Overview: Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the...

8.7CVSS7.9AI score0.0188EPSS
Exploits0
Amazon
Amazon
added 2025/01/24 12:0 a.m.8 views

Important: python3.12

Issue Overview: Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the...

8.7CVSS7.9AI score0.0188EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/01/21 12:0 a.m.8 views

Ubuntu 24.04 LTS / 24.10 : Python vulnerability (USN-7219-1)

The remote Ubuntu 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7219-1 advisory. It was discovered that Python incorrectly handled asyncio write buffers. A remote attacker could possibly use this issue to cause Python to consume memory...

8.7CVSS7.8AI score0.0188EPSS
Exploits0References2
OSV
OSV
added 2025/01/20 3:13 p.m.5 views

USN-7219-1 python3.12 vulnerability

It was discovered that Python incorrectly handled asyncio write buffers. A remote attacker could possibly use this issue to cause Python to consume memory, leading to a denial of service...

8.7CVSS6.9AI score0.0188EPSS
Exploits0References2
Rows per page
Query Builder