Lucene search
K

12 matches found

OSV
OSV
added 2026/04/16 9:10 a.m.14 views

CLSA-2026-1776330599 python3.9: Fix of 11 CVEs

CVE-2025-8291: fix zipfile ZIP64 EOCD Locator offset validation - CVE-2025-6069: fix quadratic complexity in HTMLParser - CVE-2025-4516: fix use-after-free in unicode-escape decoder with error handler - CVE-2026-2297: ensure SourcelessFileLoader uses io.opencode - CVE-2026-3479: reject invalid...

7.5CVSS6.4AI score0.00621EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.6 views

SUSE SLES15 Security Update : python311 (SUSE-SU-2026:0693-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0693-1 advisory. - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters...

6.3CVSS7.2AI score0.0055EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.6 views

SUSE SLED15: libpython3_13-1_0 / python313 / python313-base / python313-curses / etc (SUSE-SU-2026:0642-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0642-1 advisory. Update to Python 3.13.12 - CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and...

6CVSS7.2AI score0.0056EPSS
Exploits0References16
OSV
OSV
added 2026/02/28 12:45 p.m.6 views

OESA-2026-1458 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

6CVSS5.9AI score0.0055EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/02/24 3:14 p.m.4 views

Security update for python310

This update for python310 fixes the following issues: CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...

8.7CVSS5.5AI score0.0055EPSS
Exploits0References24
OSV
OSV
added 2026/01/26 2:49 p.m.4 views

BIT-PYTHON-MIN-2025-11468 Folding email comments of unfoldable characters doesn't preserve parenthesis

When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...

5.7CVSS5.9AI score0.0055EPSS
Exploits0References10
EUVD
EUVD
added 2026/01/21 12:31 a.m.5 views

EUVD-2025-206306

When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...

5.7CVSS5.4AI score0.0055EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/20 9:9 p.m.21 views

CVE-2025-11468 Folding email comments of unfoldable characters doesn't preserve parenthesis

When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...

5.7CVSS0.0055EPSS
Exploits0References9
CVE
CVE
added 2026/01/20 9:9 p.m.25 views

CVE-2025-11468

CVE-2025-11468 refers to a Python vulnerability where folding a long comment in an email header that contains exclusively unfoldable characters can cause the parenthesis to be lost, enabling header injection when the addresses are user-controlled. The issue is tied to Python’s email/header handli...

5.7CVSS5.4AI score0.0055EPSS
Exploits0References9
OSV
OSV
added 2026/01/20 9:9 p.m.6 views

PSF-2026-1

When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized...

5.7CVSS5.4AI score0.0055EPSS
Exploits0References9
OSV
OSV
added 2025/06/03 9:4 a.m.9 views

SUSE-SU-2025:20374-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS. bsc1243273 Update to 3.11.12: - gh-105704: When using urllib.parse.urlsplit and urllib.parse.urlparse host parsing would not reject domain names...

9.8CVSS7.2AI score0.34174EPSS
Exploits5References39
SUSE Linux
SUSE Linux
added 2025/03/21 2:16 p.m.1 views

Security update for python311

This update for python311 fixes the following issues: CVE-2025-1795: Fixed mishandling of comma during folding and unicode-encoding of email headers bsc1238450. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

3.1CVSS4.3AI score0.00575EPSS
Exploits0References6
Rows per page
Query Builder