10 matches found

RedHat Linux
added 2026/05/19 1:35 p.m., 11 views

cpython: CPython: Logging Bypass in Legacy .pyc File Handling

A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files (.pyc), does not properly trigger system audit events. Th...

CVSS 5.7 | AI score 7.2 | EPSS 0.00202
Exploits: 0 | References: 9

SUSE CVE
added 2026/03/05 1:58 p.m., 3 views

SUSE CVE-2026-2297

The import hook in CPython that handles legacy .pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not use io.open_code to read the .pyc files. sys.audit handlers for this audit event therefore do not fire...

CVSS 5.5 | AI score 5.8 | EPSS 0.00202
Exploits: 0 | References: 18

The Hacker News
added 2025/11/28 4:27 p.m., 9 views

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index (PyPI) via a domain takeover attack. Software supply chain security company ReversingLabs said it found the "vulnerabilit...

CVSS 9.8 | AI score 9.2 | EPSS 0.01535
Exploits: 1

Tenable Nessus
added 2025/11/11 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-64182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2...

CVSS 7.8 | AI score 7.8 | EPSS 0.00205
Exploits: 1 | References: 2

NVD
added 2025/11/10 10:15 p.m., 5 views

CVE-2025-64182

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

CVSS 7.8 | EPSS 0.00205
Exploits: 1 | References: 2

Snyk
added 2025/11/10 9:42 p.m., 2 views

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow via the channels and channel functions in the legacy Python adapter. An attacker can cause application crashes or achieve code execution by opening specially crafted EXR files or passing malicious Python objects...

CVSS 7.8 | AI score 6.2 | EPSS 0.00205
Exploits: 1 | References: 2

OSV
added 2025/11/10 9:27 p.m., 3 views

CVE-2025-64182 OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

CVSS 7 | AI score 7.7 | EPSS 0.00205
Exploits: 1 | References: 4

Positive Technologies
added 2025/11/10 12:0 a.m., 6 views

PT-2025-46202

Name of the Vulnerable Software and Affected Versions: OpenEXR versions 3.2.0 through 3.2.4; OpenEXR versions 3.3.0 through 3.3.5; OpenEXR versions 3.4.0 through 3.4.2. Description: OpenEXR is an image storage format used in the motion picture industry. A memory safety issue exists in the legacy OpenE...

CVSS 7.8 | AI score 7.5 | EPSS 0.00331
Exploits: 3 | References: 17

Tenable Nessus
added 2019/02/19 12:0 a.m., 83 views

Fedora 28 : python-markdown2 (2019-a16e1127d3)

python-markdown2 2.3.7: pull 306 Drop support for legacy Python versions; pull 307 Fix syntax highlighting test cases that depend on Pygments output; pull 308 Add support for Python 3.7; pull 304 Add Wheel package support; pull 312 Fix tocdepth initialization regression; pull 315 XSS fix No...

CVSS 6.1 | AI score 6 | EPSS 0.00828
Exploits: 0 | References: 2

OSV
added 2013/05/16 12:0 a.m., 1 views

UBUNTU-CVE-2013-2099

Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard...

CVSS 4.3 | AI score 6.7 | EPSS 0.04857
Exploits: 0 | References: 7