8 matches found
OPENSUSE-SU-2026:11160-1 python311-pydata-sphinx-theme-0.19.0-2.1 on GA media
These are all security issues fixed in the python311-pydata-sphinx-theme-0.19.0-2.1 package on the GA media of openSUSE Tumbleweed...
ROS-20260505-73-0046
A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...
BIT-LIBPYTHON-2025-15282 Header injection via newlines in data URL mediatype
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...
PSF-2026-2
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...
Deserialization of Untrusted Data
Overview qiskit-terra is a Software for developing quantum computing programs Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization of QPY files containing malformed symengine serialization streams. An attacker can terminate the process by...
RHEL 8 / 9 : OpenShift Container Platform 4.14.4 (RHSA-2023:7473)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7473 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
CVE-2023-25577
Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. ...
python: missing boundary check in JSON module
A flaw was found in the way the json module handled negative index argument passed to certain functions such as rawdecode. An attacker able to control index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory...