3 matches found
MGASA-2021-0054 Updated python-pip packages fix security vulnerabilities
It was discovered that pip did not properly sanitize the filename during pip install. A remote attacker could possible use this issue to read and write arbitrary files on the host filesystem as root, resulting in a directory traversal attack CVE-2019-20916. urllib3 before 1.25.9 allows CRLF...
SUSE-SU-2019:2370-1 Security update for python-urllib3
This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663. - CVE-2018-2006...
MGASA-2019-0259 Updated python-urllib3 packages fix security vulnerability
It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection CVE-2019-11236...