14 matches found
EulerOS Virtualization 2.13.0 : python3 (EulerOS-SA-2026-2188)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: If the value passed to os.path.expandvars is user-controlled, a performance degradation is possible when expanding environment...
SUSE-SU-2026:20374-1 Security update for python311
This update for python311 fixes the following issues: - CVE-2025-12084: prevent quadratic behavior in node ID cache clearing (bsc#1254997). - CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length (bsc#1254400)...
EUVD-2022-4851
Malicious code in bioql PyPI...
CVE-2025-53543 Kestra allows Stored XSS before 0.22
Kestra is an event-driven orchestration platform. The error message in execution "Overview" tab is vulnerable to stored XSS due to improper handling of HTTP response received. This vulnerability is fixed in 0.22.0...
CVE-2025-22854
Improper handling of non-200 http responses in the PingFederate Google Adapter leads to thread exhaustion under normal usage conditions...
CVE-2024-53271
A flaw was found in Envoy. In affected versions, Envoy does not properly handle certain HTTP 1.1 responses. Specially-crafted requests may trigger failures or application crashes in networked devices, leading to a denial of service...
Medium: python27
Issue Overview: In Python3's Lib/test/multibytecodec_support.py, CJK codec tests call eval on content retrieved via HTTP. (CVE-2020-27619) The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. Wh...
Amazon Linux 2 : python (ALAS-2022-1802)
The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1802 advisory. In Python3's Lib/test/multibytecodec_support.py, CJK codec tests call eval on content retrieved via HTTP. (CVE-2020-27619) The...
F5 BIG-IP HTTP Response Handling Denial of Service Vulnerability
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing. A security vulnerability exists in the F5 BIG-IP HTTP response processing, which can be exploited by remote attackers to submit a special request that can...
CVE-2019-13321
CVE-2019-13321 affects Xiaomi Browser prior to 10.4.0. The flaw is in the Captive Portal handling of HTTP responses; a crafted HTML response can cause the Captive Portal to open a browser to a specified location, enabling code execution in the context of the current process when combined with oth...
CVE-2011-3000
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting...
CVE-2011-3184
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted...
CVE-2009-3000
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7chttplog...
Novell GroupWise Messenger HTTP response handling buffer overflow
Added: 07/07/2008. CVE: CVE-2008-2703. BID: 29602. OSVDB: 46041. Background: GroupWise Messenger is an instant messaging client for Novell GroupWise. Problem: Novell GroupWise is affected by a buffer overflow vulnerability which could allow command execution when the client program processes specially...