Lucene search
K

8 matches found

OSV
OSV
added 2026/06/30 12:0 a.m.2 views

OPENSUSE-SU-2026:11160-1 python311-pydata-sphinx-theme-0.19.0-2.1 on GA media

These are all security issues fixed in the python311-pydata-sphinx-theme-0.19.0-2.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References1
Redos
Redos
added 2026/05/05 12:0 a.m.9 views

ROS-20260505-73-0046

A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...

6CVSS7.3AI score0.0048EPSS
Exploits0
OSV
OSV
added 2026/01/26 2:43 p.m.4 views

BIT-LIBPYTHON-2025-15282 Header injection via newlines in data URL mediatype

User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...

6CVSS5.9AI score0.0048EPSS
Exploits0References10
OSV
OSV
added 2026/01/20 9:35 p.m.4 views

PSF-2026-2

User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...

6CVSS5.4AI score0.0048EPSS
Exploits0References9
Snyk
Snyk
added 2025/02/21 9:42 p.m.2 views

Deserialization of Untrusted Data

Overview qiskit-terra is a Software for developing quantum computing programs Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization of QPY files containing malformed symengine serialization streams. An attacker can terminate the process by...

8.6CVSS7AI score0.0066EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.25 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.4 (RHSA-2023:7473)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7473 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

8CVSS7.1AI score0.01815EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2023/02/14 7:56 p.m.69 views

CVE-2023-25577

Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. ...

7.5CVSS7.1AI score0.0142EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/06/04 8:27 a.m.11 views

python: missing boundary check in JSON module

A flaw was found in the way the json module handled negative index argument passed to certain functions such as rawdecode. An attacker able to control index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory...

5.9CVSS6.7AI score0.08125EPSS
Exploits1References4
Rows per page
Query Builder