Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Pypy

In Python 2.x through 2.7.16, urllib supports the localfile scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs. This is demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call...

9.1CVSS6.8AI score0.11844EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Improper Limitation of a Pathname to a Restricted Directory (CVE-2019-9948)

urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call. This plugin only works with Tenable.ot. Please...

9.1CVSS6.8AI score0.11844EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-19302

Malware in sbrugna...

9.1CVSS7.5AI score0.11844EPSS
Exploits1References33
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.6 views

SUSE CVE-2019-9948

urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call...

3.3CVSS9.3AI score0.11844EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/28 3:11 p.m.37 views

Security Bulletin: Multiple security vulnerabilities were fixed in IBM Security Access Manager Appliance

Summary Multiple vulnerabilities in the python libraries used by the IBM Security Access Manager appliance. Vulnerability Details CVEID: CVE-2019-9948 DESCRIPTION: urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection...

9.1CVSS1.4AI score0.20743EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.260 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0187)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python packages installed that are affected by multiple vulnerabilities: - Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of servic...

9.1CVSS6.6AI score0.20743EPSS
Exploits4References6
OSV
OSV
added 2019/09/10 1:8 p.m.11 views

USN-4127-2 python2.7, python3.4 vulnerabilities

USN-4127-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume...

9.8CVSS6.8AI score0.20743EPSS
Exploits6References9
Tenable Nessus
Tenable Nessus
added 2019/06/25 12:0 a.m.49 views

Debian DLA-1834-1 : python2.7 security update

Multiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including CVE-2018-14647 Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against...

9.8CVSS7.2AI score0.20743EPSS
Exploits4References9
OPENSUSE Linux
OPENSUSE Linux
added 2019/06/19 12:0 a.m.238 views

Security update for python (important)

openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2019:1580-1 Rating: important References: 1129346 1130847 Cross-References: CVE-2019-9636 CVE-2019-9948 Affected Products: openSUSE Leap 42.3 An update that fixes two vulnerabilities is now available. Description:...

9.8CVSS8.6AI score0.11844EPSS
Exploits1References2
Mageia
Mageia
added 2019/05/12 9:35 a.m.53 views

Updated python packages fix security vulnerability

Updated python packages fix security vulnerability: A 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead CVE-2019-9948...

9.1CVSS1.3AI score0.11844EPSS
Exploits1References2
OSV
OSV
added 2019/05/12 9:35 a.m.11 views

MGASA-2019-0165 Updated python packages fix security vulnerability

Updated python packages fix security vulnerability: A 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead CVE-2019-9948...

9.1CVSS9.6AI score0.11844EPSS
Exploits1References3
OSV
OSV
added 2019/03/23 6:29 p.m.3 views

DEBIAN-CVE-2019-9948

urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call...

9.1CVSS7.3AI score0.11844EPSS
Exploits1References1
OSV
OSV
added 2019/03/23 5:7 p.m.27 views

PSF-2019-12 urllib module local_file:// scheme

urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call...

9.1CVSS8.7AI score0.11844EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/03/23 12:0 a.m.11 views

PT-2019-2028 · Python +8 · Python +8

Name of the Vulnerable Software and Affected Versions: Python versions 2.x through 2.7.16 Description: The issue is related to the urllib module in Python, which supports the local file: scheme. This makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs. A...

10CVSS6.4AI score0.73327EPSS
Exploits72References435
Rows per page
Query Builder