CVE-2025-51471

A domain validation flaw has been discovered in Ollama. In instances where a user attempts to download a model, but where the server responds with an http 401 error code, Ollama follows the WWW-Authenticate header's realm URL without validating if it belongs to the same domain as the original...

PT-2025-29134 · Unknown · Secure-Upload

Name of the Vulnerable Software and Affected Versions: Secure-upload versions prior to 0.815.0 Description: Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service was installed on a limited number of environments. Privileged...

CVE-2025-43918

CVE-2025-43918 describes a vulnerability in SSL.com prior to 2025-04-19 where the domain validation method 3.2.2.4.14 can cause certificate requests to be processed in a way that allows a trusted TLS certificate to be issued for the requester’s email-domain name, even if the requester lacks admin...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2019:2091-1 Security update for python

This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation...