Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2018-17175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema only option treats an empty list as implying no only option, which allows...

5.3CVSS5.5AI score0.01858EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.5 views

SUSE CVE-2018-17175

In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the...

5.3CVSS6.9AI score0.01858EPSS
Exploits0References3
Mageia
Mageia
added 2019/02/13 11:8 a.m.29 views

Updated python-marshmallow packages fix security vulnerability

In the marshmallow library before 2.15.1 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the "only" option, and there...

5.3CVSS3.3AI score0.01858EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.23 views

Fedora 29 : python-marshmallow (2018-9006b64e41)

Security fix for CVE-2018-17175 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

5.3CVSS5.6AI score0.01858EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.14 views

Fedora 28 : python-marshmallow (2018-cc9adc4808)

Security fix for CVE-2018-17175 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

5.3CVSS5.6AI score0.01858EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/10/11 12:0 a.m.18 views

Fedora Update for python-marshmallow FEDORA-2018-8b109a6de0

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.3AI score0.01858EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/10/11 12:0 a.m.23 views

Fedora Update for python-marshmallow FEDORA-2018-cc9adc4808

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.3AI score0.01858EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/11 12:0 a.m.17 views

Fedora 27 : python-marshmallow (2018-8b109a6de0)

Security fix for CVE-2018-17175 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

5.3CVSS5.6AI score0.01858EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2018/10/10 4:10 p.m.3 views

arango-orm (>=0.4.0 <=0.4.2), bg (>=1.2.0 <=1.9.1) +24 more potentially affected by CVE-2018-17175 via marshmallow (>=0.2.1 <=2.15.0)

marshmallow PYPI version =0.2.1, =0.4.0, =1.2.0, =0.0.65.dev0, =0.10.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =6.0.1, =6.1.2 - plume =0.1.0 and more Source cves: CVE-2018-17175 Source advisory: OSV:GHSA-9Q2P-FJ49-VPXJ...

5.3CVSS6AI score0.01858EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/10 4:10 p.m.4 views

argschema (>=1.16.1 <=1.16.5), aries-cloudagent (>=0.3.3 <=0.5.1) +25 more potentially affected by CVE-2018-17175 via marshmallow (>=3.0.0 <=3.0.0b8)

marshmallow PYPI version =3.0.0, =1.16.1, =0.3.3, =0.0.22, =0.1.1, =0.1.0, =0.0.18, =0.19.0, =0.1.0, =0.3.0, =1.0.0, =0.0.4, =0.1.0, =0.0.1, =0.0.4 and more Source cves: CVE-2018-17175 Source advisory: OSV:GHSA-9Q2P-FJ49-VPXJ...

5.3CVSS6AI score0.01858EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/09/20 2:51 p.m.17 views

CVE-2018-17175

In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the...

5.9CVSS3AI score0.01858EPSS
Exploits0
OSV
OSV
added 2018/09/18 5:29 p.m.15 views

CVE-2018-17175

In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the...

5.3CVSS5.2AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2018/09/18 5:29 p.m.4 views

arango-orm (>=0.4.0 <=0.4.2), bg (>=1.2.0 <=1.9.1) +24 more potentially affected by CVE-2018-17175 via marshmallow (>=0.2.1 <=2.15.0)

marshmallow PYPI version =0.2.1, =0.4.0, =1.2.0, =0.0.65.dev0, =0.10.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =6.0.1, =6.1.2 - plume =0.1.0 and more Source cves: CVE-2018-17175 Source advisory: OSV:PYSEC-2018-67...

5.3CVSS6AI score0.01858EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/09/18 5:29 p.m.5 views

argschema (>=1.16.1 <=1.16.5), aries-cloudagent (>=0.3.3 <=0.5.1) +25 more potentially affected by CVE-2018-17175 via marshmallow (>=3.0.0 <=3.0.0b8)

marshmallow PYPI version =3.0.0, =1.16.1, =0.3.3, =0.0.22, =0.1.1, =0.1.0, =0.0.18, =0.19.0, =0.1.0, =0.3.0, =1.0.0, =0.0.4, =0.1.0, =0.0.1, =0.0.4 and more Source cves: CVE-2018-17175 Source advisory: OSV:PYSEC-2018-67...

5.3CVSS6AI score0.01858EPSS
Exploits0
CVE
CVE
added 2018/09/18 5:0 p.m.77 views

CVE-2018-17175

The CVE-2018-17175 issue affects Python marshmallow versions prior to 2.15.1 and 3.x prior to 3.0.0b9, where the schema option "only" mishandles an empty list, effectively treating it as if no restriction existed and allowing exposure of fields that were intended to be hidden when filtering is dy...

5.3CVSS5AI score0.01858EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2018/09/18 5:0 p.m.22 views

CVE-2018-17175

In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the...

5.3CVSS5.3AI score0.01858EPSS
Exploits0
Rows per page
Query Builder