TencentOS Server 2: python3 (TSSA-2026:0264)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0264 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CLSA-2026-1777308690 python3: Fix of CVE-2026-1299

CVE-2026-1299: reject newline injection in email module's BytesGenerator when serializing headers - Skip test.testxmletree.XMLPullParserTest.testsimplexml during RPM build; unrelated expat-2.1.0-15.0.7.tuxcare.els1 regression breaks XMLPullParser chunked-feed semantics in TuxCare ELS el7 build...

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

openSUSE Security Advisory (SUSE-SU-2026:1090-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2026:1090-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1090-1 advisory. - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in...

CLSA-2026-1774525255 python3.11: Fix of 4 CVEs

CVE-2026-0865: reject control characters in wsgiref.headers.Headers - CVE-2025-15366: reject control characters in IMAP commands - CVE-2025-15367: reject control characters in POP3 commands - CVE-2026-1299: verify headers are sound in email BytesGenerator...

Alibaba Cloud Linux 3 : 0061: python3.11 (ALINUX3-SA-2026:0061)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0061 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-15366: The imaplib module, when...

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

CLSA-2026-1774022191 python3.9: Fix of 4 CVEs

CVE-2026-0865: reject control characters in wsgiref headers - CVE-2025-15366: reject control characters in IMAP commands - CVE-2025-15367: reject control characters in POP3 commands - CVE-2026-1299: verify headers are sound in email BytesGenerator...

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

SUSE SLES12 Security Update : python3 (SUSE-SU-2026:0897-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0897-1 advisory. - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Tenable has extracted the...

SUSE SLES12 Security Update : python (SUSE-SU-2026:0891-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0891-1 advisory. This update for python fixes the following issue: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in...

Security update for python3

This update for python3 fixes the following issues: CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

SUSE-SU-2026:0891-1 Security update for python

This update for python fixes the following issue: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181...

SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2026:0873-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0873-1 advisory. This update for python fixes the following issue: - CVE-2026-1299: header injection when an email is serialized due to improper newline...

Security update for python36

This update for python36 fixes the following issues: CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

SUSE-SU-2026:0884-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181...

CLSA-2026-1773222843 python3: Fix of 2 CVEs

CVE-2025-15366: reject control characters in IMAP commands - CVE-2026-1299: email: verify headers are sound in BytesGenerator...

CLSA-2026-1771499011 python3: Fix of 3 CVEs

CVE-2025-15366: reject control characters in IMAP commands - CVE-2025-15367: reject control characters in POP3 commands - CVE-2026-1299: reject the incorrectly folded headers in "BytesGenerator"...