50 matches found
CVE-2026-56315
CVE-2026-56315 affects the Python tool picklescan until version 1.0.4, which fails to block imports from at least seven standard library modules (e.g., uuid, _osx_support, _aix_support, _pyrepl.pager, imaplib). This allows adversaries to craft pickle files that import these unblocked modules to t...
Security Bulletin: Multiple vulnerabilities found in CICS Transaction Gateway for Multiplatforms.
Summary CICS Transaction Gateway for Multiplatforms has been updated in order to address multiple vulnerabilities CVE-2025-15281, CVE-2026-0915, CVE-2025-15366, CVE-2025-15367, CVE-2026-0865, CVE-2026-1299, CVE-2025-14831, CVE-2025-9820, CVE-2025-69419, WS-2026-0003, GHSA-72hv-8253-57qq...
Astra Linux – Vulnerability in Python 3.11, Python 3.7
The imaplib module, when a user-controlled command is passed to it, can have additional commands injected using newlines. Mitigation rejects commands that contain control characters...
TencentOS Server 2: python3 (TSSA-2026:0264)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0264 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
cpython: IMAP command injection in user-controlled commands
A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...
FreeBSD : Python -- imaplib module, when passed a user-controlled command, can have additional commands injected using newlines (0be929a5-2e0f-11f1-88c7-00a098b42aeb)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0be929a5-2e0f-11f1-88c7-00a098b42aeb advisory. Python Software Foundation Security Developer reports: The imaplib module, when passed a user-controlle...
cpython: IMAP command injection in user-controlled commands
A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...
cpython: IMAP command injection in user-controlled commands
A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.1.6)
The version of AOS installed on the remote host is prior to 7.3.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.1.6 advisory. - The email module, specifically the BytesGenerator class, didn't properly quote newlines for email headers when serializing ...
Alibaba Cloud Linux 3 : 0061: python3.11 (ALINUX3-SA-2026:0061)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0061 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-15366: The imaplib module, when...
cpython: IMAP command injection in user-controlled commands
A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...
cpython: IMAP command injection in user-controlled commands
A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...
GHSA-83PF-V6QQ-PWMR Fickling has a detection bypass via stdlib network-protocol constructors
Our assessment imtplib, imaplib, ftplib, poplib, telnetlib, and nntplib were added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/6d20564d23acf14b42ec883908aed159be7b9ade. The UnusedVariables heuristic works as expected. Original report Summary Fickling's checksafety...
CLSA-2026-1771597308 Fix CVE(s): CVE-2025-15366
SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366...
CLSA-2026-1771432562 Fix CVE(s): CVE-2025-15366
SECURITY UPDATE: defect in imaplib module, when passed a user-controlled command, commands can be injected using newlines - debian/patches/CVE-2025-15366.patch: Fix command injection by rejecting commands containing control characters - CVE-2025-15366...
Alibaba Cloud Linux 3 : 0035: python3 (ALINUX3-SA-2026:0035)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-12084: When building nested...
Linux Distros Unpatched Vulnerability : CVE-2025-15366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control...
BIT-PYTHON-MIN-2025-15366 IMAP command injection in user-controlled commands
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...
BIT-LIBPYTHON-2025-15366 IMAP command injection in user-controlled commands
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...
EUVD-2025-206304
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...