12 matches found
CLSA-2026-1776330599 python3.9: Fix of 11 CVEs
CVE-2025-8291: fix zipfile ZIP64 EOCD Locator offset validation - CVE-2025-6069: fix quadratic complexity in HTMLParser - CVE-2025-4516: fix use-after-free in unicode-escape decoder with error handler - CVE-2026-2297: ensure SourcelessFileLoader uses io.opencode - CVE-2026-3479: reject invalid...
SUSE SLES15 Security Update : python311 (SUSE-SU-2026:0693-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0693-1 advisory. - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters...
SUSE SLED15: libpython3_13-1_0 / python313 / python313-base / python313-curses / etc (SUSE-SU-2026:0642-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0642-1 advisory. Update to Python 3.13.12 - CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and...
OESA-2026-1458 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
Security update for python310
This update for python310 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...
BIT-PYTHON-MIN-2025-11468 Folding email comments of unfoldable characters doesn't preserve parenthesis
When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...
EUVD-2025-206306
When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...
CVE-2025-11468 Folding email comments of unfoldable characters doesn't preserve parenthesis
When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...
CVE-2025-11468
CVE-2025-11468 refers to a Python vulnerability where folding a long comment in an email header that contains exclusively unfoldable characters can cause the parenthesis to be lost, enabling header injection when the addresses are user-controlled. The issue is tied to Python’s email/header handli...
PSF-2026-1
When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...
SUSE-SU-2025:20374-1 Security update for python311
This update for python311 fixes the following issues: - CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS. bsc1243273 Update to 3.11.12: - gh-105704: When using urllib.parse.urlsplit and urllib.parse.urlparse host parsing would not reject domain names...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-1795: Fixed mishandling of comma during folding and unicode-encoding of email headers bsc1238450. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...