Medium: python3.11

Issue Overview: There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the...

Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2025-1032)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1032 advisory. There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not using the unicodeescape encoding or an error handler your usage is not affected. To work-around...

Medium: python3.9

Issue Overview: There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the...

OESA-2025-1655 qt6-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that...

Security update for python39

This update for python39 fixes the following issues: python39 was updated from version 3.9.21 to version 3.9.23: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

Security update for python311

This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

Security update for python310

This update for python310 fixes the following issues: python310 was updated from version 3.10.16 to 3.10.18: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fix...

Malicious code in bs58-decode-layout (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 365e9781bfa38295c42e9eb63d2506e4d79922f9040b5ca8f39544eaab056c91 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE-SU-2025:20374-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS. bsc1243273 Update to 3.11.12: - gh-105704: When using urllib.parse.urlsplit and urllib.parse.urlparse host parsing would not reject domain names...

SUSE CVE-2025-5455

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

DEBIAN-CVE-2025-5455

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

AZL-64361 CVE-2025-5455 affecting package qt5-qtbase for versions less than 5.12.11-18

An issue was found in the private API function qDecodeDataUrl in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value such as...

Qt 输入验证错误漏洞

Qt is a cross-platform application development framework from the Qt open source. An input validation error vulnerability exists in Qt versions 5.15.18 and earlier, 6.0.0 through 6.5.8, 6.6.0 through 6.8.3, and 6.9.0, which results in a denial of service when malformed data is processed by functi...

CVE-2024-27223

In EUTRANLCSDecodeFacilityInformationElement of LPPLcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after authenticating the cell connection with no additional execution privileges needed. User interaction is n...

CVE-2023-26157

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service DoS due to an out-of-bounds read involving section-numpages in decoder2007.c...

CVE-2023-51773

BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacappdecodeapplicationdata in bacapp.c...

CVE-2023-33595

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function asciidecode at /Objects/unicodeobject.c...

CVE-2022-43043

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BDCheckSFTimeOffset at /bifs/fielddecode.c...

CVE-2022-33025

LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decodepreR13section at decoder11.c...

CVE-2022-33034

LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copybytes at decoder2007.c...