Fedora 40 : python3.9 (2024-1e6d6f8452)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1e6d6f8452 advisory. This is a security release of Python 3.11 ----------------------------------------- Note: The release you're looking at is Python 3.11.10, a securit...

K000139698: Python vulnerabilities CVE-2016-5636, CVE-2018-1000802, CVE-2022-48565 and CVE-2023-36632

Security Advisory Description CVE-2016-5636 Integer overflow in the getdata function in zipimport.c in CPython aka Python before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer...

Python <= 3.12.1 'RecursionError' Vulnerability - Linux

Python is prone to a SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

Python <= 3.12.1 'RecursionError' Vulnerability - Windows

Python is prone to a SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

Python <= 3.12.1 'RecursionError' Vulnerability - Mac OS X

Python is prone to a SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

CVE-2023-36632

The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed ...

CVE-2023-36632

CVE-2023-36632 affects Python CPython’s legacy email.utils.parseaddr (through 3.11.4). A crafted argument can trigger a RecursionError (maximum recursion depth) in parseaddr, due to untrusted input data that was intended to contain a name and an email address. The vendor/docs indicate this is a l...

Scientific Linux Security Update : python3 on SL7.x x86_64 (20200407)

python: Cookie domain check returns incorrect results python: email.utils.parseaddr wrongly parses email addresses C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid135830; scriptversion"1.3";...

CentOS 7 : python (RHSA-2020:1131)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1131 advisory. - http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked...