RLSA-2026:19175 Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

MiracleLinux 8 : python3.12-3.12.12-3.el8_10 (AXSA:2026-308:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-308:09 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: IMAP command injection in user-controlled commands...

EUVD-2023-40427

Malicious code in bioql PyPI...

EUVD-2024-43982

Malicious code in bioql PyPI...

CVE-2024-4343

A Python command injection vulnerability exists in the SagemakerLLM class's complete method within ./privategpt/components/llm/custom/sagemaker.py of the imartinez/privategpt application, versions up to and including 0.3.0. The vulnerability arises due to the use of the eval function to parse a...

CVE-2024-4343 Python Command Injection in imartinez/privategpt

A Python command injection vulnerability exists in the SagemakerLLM class's complete method within ./privategpt/components/llm/custom/sagemaker.py of the imartinez/privategpt application, versions up to and including 0.3.0. The vulnerability arises due to the use of the eval function to parse a...

PT-2024-30579 · Amazon · Aws Sagemaker

Name of the Vulnerable Software and Affected Versions: imartinez/privategpt versions up to and including 0.3.0 versions prior to 0.6.0 Description: A Python command injection vulnerability exists in the complete method of the SagemakerLLM class within ./private...

SUSE: Security Advisory (SUSE-SU-2022:2249-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2015-20107

In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...

Python 命令注入漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A command injection vulnerability exists in Python version 3.10.4 and earlier versions, which stems from the mailc...