Lucene search
K

73 matches found

Circl
Circl
added 2026/04/02 5:0 p.m.5 views

CVE-2019-9947

creationtimestamp| type| source ---|---|--- 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...

6.1CVSS6.7AI score0.05406EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.11 views

Siemens SIMATIC S7-1500 Improper Neutralization of CRLF Sequences (CVE-2019-9947)

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the path component of a URL that...

6.1CVSS6.8AI score0.05406EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2025/05/27 4:24 p.m.14 views

K000151516: Python urllib vulnerability CVE-2019-9947

Security Advisory Description An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the...

6.1CVSS8.2AI score0.05406EPSS
Exploits1Affected Software12
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2019-9947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...

6.1CVSS7.2AI score0.05406EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.52 views

Ubuntu: Security Advisory (USN-6891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.23293EPSS
Exploits27References2
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.36 views

RHEL 6 / 7 : rh-python36-python (RHSA-2019:3725)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3725 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high leve...

9.1CVSS6.8AI score0.20743EPSS
Exploits7References24
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.33 views

Oracle Linux 8 : python3 (ELSA-2019-3520)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3520 advisory. - Fix for CVE-2019-10160 Resolves: rhbz1689318 - Security fix for CVE-2019-9948 Resolves: rhbz1714643 - Fixes CVE-2019-9740 and CVE-2019-9947 Resolves:...

9.8CVSS7.2AI score0.20743EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2019-0318)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.11844EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2021/09/12 12:0 a.m.26 views

Python 2.x < 2.7.17, 3.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 HTTP Header Injection Vulnerability (bpo-30458) - Linux

Python is prone to a HTTP header injection vulnerability follow-up of CVE-2016-5699. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS8.1AI score0.09887EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/09/12 12:0 a.m.35 views

Python 2.x < 2.7.17, 3.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 HTTP Header Injection Vulnerability (bpo-30458) - Mac OS X

Python is prone to a HTTP header injection vulnerability follow-up of CVE-2016-5699. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS8.1AI score0.09887EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:1352-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS8.2AI score0.05406EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2020:2699-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.12826EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.33 views

SUSE SLES12 Security Update : python3 (SUSE-SU-2020:2699-1)

This update for python3 fixes the following issues : CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball bsc1174091. CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial ...

7.5CVSS6.7AI score0.12826EPSS
Exploits3References25
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/16 4:2 p.m.58 views

Security Bulletin: [All] Python (Publicly disclosed vulnerability)

Summary Vulnerabilities in Open Source Python affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2019-9948 DESCRIPTION: Python could allow a remote attacker to bypass security restrictions, caused by improper input validation by the urllib. By sending a...

9.1CVSS0.5AI score0.11844EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/08/31 12:0 a.m.31 views

Amazon Linux AMI : python34, python35 (ALAS-2020-1429)

The version of python34 installed on the remote host is prior to 3.4.10-1.51. The version of python35 installed on the remote host is prior to 3.5.9-1.27. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1429 advisory. In Lib/tarfile.py in Python through 3.8.3...

7.5CVSS7.2AI score0.06304EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2020/08/31 12:0 a.m.48 views

Amazon Linux AMI : python36 (ALAS-2020-1428)

The version of python36 installed on the remote host is prior to 3.6.11-1.18. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1428 advisory. In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when...

7.5CVSS7.2AI score0.06304EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2020/08/24 12:0 a.m.34 views

Debian DLA-2337-1 : python2.7 security update

Multiple vulnerabilities were discovered in Python2.7, an interactive high-level object-oriented language. CVE-2018-20852 By using a malicious server an attacker might steal cookies that are meant for other domains. CVE-2019-5010 NULL pointer dereference using a specially crafted X509 certificate...

9.8CVSS7.2AI score0.20743EPSS
Exploits5References12
Debian
Debian
added 2020/08/22 2:48 p.m.130 views

[SECURITY] [DLA 2337-1] python2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2337-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 22, 2020 https://wiki.debian.org/LTS -...

9.8CVSS8.7AI score0.20743EPSS
Exploits5
Veracode
Veracode
added 2020/08/06 9:34 p.m.1697 views

CRLF Injection

urllib2 in python2 is vulnerable to CRLF injection. The vulnerability exists if an attacker controls a URL parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the host component of a URL followed by an HTTP header. This vulnerability is similar to...

6.1CVSS2.6AI score0.05406EPSS
Exploits2References18Affected Software14
Tenable Nessus
Tenable Nessus
added 2020/07/30 12:0 a.m.60 views

Amazon Linux AMI : python27, python34, python35, python36 (ALAS-2020-1407)

The version of python27 installed on the remote host is prior to 2.7.18-1.138. The version of python34 installed on the remote host is prior to 3.4.10-1.50. The version of python35 installed on the remote host is prior to 3.5.7-1.26. The version of python36 installed on the remote host is prior t...

7.1CVSS7.4AI score0.06617EPSS
Exploits1References6
Rows per page
Query Builder