5 matches found
CLSA-2026-1767800092 python2: Fix of CVE-2025-0938
CVE-2025-0938: disallow square brackets in domain names for parsed URLs to prevent differential URL parsing...
RockyLinux 9 : python3.12 (RLSA-2025:7107)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7107 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the RockyLin...
BIT-LIBPYTHON-2025-0938 URL parser allowed square brackets in domain names
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
CLSA-2025-1741635940 python3: Fix of 2 CVEs
CVE-2024-11168: fix improper validation of bracketed hosts in urllib.parse.urlsplit and urlparse functions - CVE-2025-0938: fix incomplete algorithm of validating hosts by disallowing square brackets in domain names...
Security update for python36
This update for python36 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...