Lucene search
K

5 matches found

OSV
OSV
added 2026/01/07 3:34 p.m.7 views

CLSA-2026-1767800092 python2: Fix of CVE-2025-0938

CVE-2025-0938: disallow square brackets in domain names for parsed URLs to prevent differential URL parsing...

6.3CVSS6.7AI score0.01499EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.7 views

RockyLinux 9 : python3.12 (RLSA-2025:7107)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7107 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the RockyLin...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References3
OSV
OSV
added 2025/08/11 1:53 p.m.4 views

BIT-LIBPYTHON-2025-0938 URL parser allowed square brackets in domain names

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

6.3CVSS7AI score0.01499EPSS
Exploits0References12
OSV
OSV
added 2025/03/10 7:45 p.m.6 views

CLSA-2025-1741635940 python3: Fix of 2 CVEs

CVE-2024-11168: fix improper validation of bracketed hosts in urllib.parse.urlsplit and urlparse functions - CVE-2025-0938: fix incomplete algorithm of validating hosts by disallowing square brackets in domain names...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/02/11 4:47 p.m.1 views

Security update for python36

This update for python36 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...

6.3CVSS7.3AI score0.01499EPSS
Exploits0References4
Rows per page
Query Builder