Lucene search
+L

32 matches found

redos
redos
added 2026/05/05 12:0 a.m.20 views

ROS-20260505-73-0036

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00193EPSS
Exploits0
redos
redos
added 2026/05/05 12:0 a.m.12 views

ROS-20260505-73-0039

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00193EPSS
Exploits0
redhat
redhat
added 2026/04/10 7:25 p.m.3 views

cpython: Out-of-memory when loading Plist

A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations...

5.5CVSS6.4AI score0.00193EPSS
Exploits0References6
nessus
nessus
added 2026/03/28 12:0 a.m.4 views

SUSE SLES15 / openSUSE 15 Security Update : python312 (SUSE-SU-2026:1107-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1107-1 advisory. Update to Python 3.12.13: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468:...

7.5CVSS7AI score0.01525EPSS
Exploits0References31
suse
suse
added 2026/03/27 11:34 a.m.4 views

Security update for python311

This update for python311 fixes the following issues: Update to python 3.11.15: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...

8.7CVSS7AI score0.01525EPSS
Exploits0References40
suse
suse
added 2026/03/27 9:4 a.m.13 views

Security update for python312

This update for python312 fixes the following issues: Update to Python 3.12.13: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...

8.7CVSS7AI score0.01525EPSS
Exploits0References40
osv
osv
added 2026/03/27 9:4 a.m.6 views

SUSE-SU-2026:1107-1 Security update for python312

This update for python312 fixes the following issues: Update to Python 3.12.13: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

7.5CVSS7AI score0.01525EPSS
Exploits0References21
suse
suse
added 2026/03/26 10:36 a.m.18 views

Security update for python310

This update for python310 fixes the following issues: Update to Python 3.10.20: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...

8.7CVSS5.9AI score0.01525EPSS
Exploits0References36
osv
osv
added 2026/03/26 10:36 a.m.7 views

SUSE-SU-2026:1062-1 Security update for python310

This update for python310 fixes the following issues: Update to Python 3.10.20: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

7.5CVSS7AI score0.01525EPSS
Exploits0References19
osv
osv
added 2026/03/19 12:47 p.m.1 views

SUSE-SU-2026:20796-1 Security update for python311

This update for python311 fixes the following issues: Updated to Python 3.11.15: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

7.5CVSS7AI score0.01525EPSS
Exploits0References17
nessus
nessus
added 2026/03/16 12:0 a.m.6 views

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2026-1376)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic...

7.5CVSS6.9AI score0.01525EPSS
Exploits0References6
osv
osv
added 2026/01/22 1:47 p.m.1 views

OPENSUSE-SU-2026:20081-1 Security update for python313

This update for python313 fixes the following issues: - Update to 3.13.11: - Security - CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service bsc1254997 - CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response bsc1254400 -...

7.5CVSS6.3AI score0.01525EPSS
Exploits0References15
suse
suse
added 2026/01/15 1:11 p.m.3 views

Security update for python310

This update for python310 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested documents bsc1254997. CVE-2025-13836: use of...

6.5CVSS6.9AI score0.01525EPSS
Exploits0References12
nessus
nessus
added 2026/01/01 12:0 a.m.8 views

SUSE SLES12: libpython3_4m1_0 / libpython3_4m1_0-32bit / python3 / python3-base / etc (SUSE-SU-2025:4538-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4538-1 advisory. - CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service bsc1254997 - CVE-2025-13836: Fixed default...

7.5CVSS7AI score0.01525EPSS
Exploits0References10
nessus
nessus
added 2025/12/27 12:0 a.m.2 views

openSUSE 15: libpython3_9-1_0 / libpython3_9-1_0-32bit / python39 / etc (SUSE-SU-2025:4522-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4522-1 advisory. - CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availabili...

7.5CVSS7AI score0.01525EPSS
Exploits0References10
suse
suse
added 2025/12/26 10:35 a.m.4 views

Security update for python39

This update for python39 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested documents bsc1254997. CVE-2025-13836: use of...

6.3CVSS6.9AI score0.01525EPSS
Exploits0References12
osv
osv
added 2025/12/05 11:13 a.m.10 views

BIT-PYTHON-2025-13837 Out-of-memory when loading Plist

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

5.5CVSS6.9AI score0.00193EPSS
Exploits0References10
osv
osv
added 2025/12/01 6:16 p.m.7 views

AZL-71275 CVE-2025-13837 affecting package python3 3.9.19-19

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

5.5CVSS5.7AI score0.00193EPSS
Exploits0References1
debiancve
debiancve
added 2025/12/01 6:13 p.m.6 views

CVE-2025-13837

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

5.5CVSS7.2AI score0.00193EPSS
Exploits0
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-51261

Malicious code in bioql PyPI...

9.8CVSS7.7AI score0.04268EPSS
Exploits3References10
Rows per page
Query Builder