25 matches found
CVE-2026-42545
Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...
CVE-2026-42544
CVE-2026-42544 (Granian) affects Granian versions 1.2.0–2.7.4, where an unauthenticated client sending a WebSocket upgrade request with a non-ASCII Sec-WebSocket-Protocol header causes the server to abort the worker in the WebSocket scope construction path, yielding an unauthenticated DoS. The cr...
EUVD-2021-26520
Malware in sbrugna...
EUVD-2023-0241
Malicious code in bioql PyPI...
CVE-2025-24794
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the...
CVE-2020-13258
Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py...
Number withdrawn
Ray is a unified framework for scaling AI and Python applications open-sourced by ray-project. This CVE number has been withdrawn...
CVE-2025-24793
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the...
CVE-2025-24795 The Snowflake Connector for Python uses insecure cache files permissions
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential...
CVE-2025-24794
Technical details such as affected products, versions, root cause, impact and fixes for CVE-2025-24794 are not provided in the connected documents. Please monitor for updates from relevant advisories to obtain concrete vulnerability data and remediation guidance.
CVE-2025-24794 The Snowflake Connector for Python uses insecure deserialization of the OCSP response cache
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the...
CVE-2025-24793 Snowflake Connector for Python has an SQL Injection in write_pandas
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. A function from the...
CVE-2025-24793
Technical details about CVE-2025-24793 are not provided in the connected documents. The initial entry notes a SQL injection in Snowflake Connector for Python versions 2.2.5–3.13.0, fixed in 3.13.1, but no further technical specifics are available here. Monitor for updates.
Fedora 33 : python2.7 (2021-66547ff92d)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-66547ff92d advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python...
[SECURITY] [DLA 1357-1] gunicorn security update
Package : gunicorn Version : 0.14.5-3+deb7u2 CVE ID : CVE-2018-1000164 Debian Bug : 896548 It was discovered that there was an issue in the gunicorn HTTP server for Python applications where CRLF sequences could result in an attacker tricking the server into returning arbitrary headers. For more...
Debian: Security Advisory (DLA-1357-1)
The remote host is missing an update for the Debian...