Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

python: Fix of CVE-2019-9948

CVE-2019-9948: fix urllib localfile:// URL scheme bypass that allowed file reads when localfile handler was defined...

CVE-2026-25528 LangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header Injection

LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnerable to Server-Side Request Forgery via malicious HTTP headers. An attacker can inject arbitrary apiurl values through the baggage header, causing the SDK to...

ThreatExploiter

🔴 ThreatExploiter Automated Network Penetration Testing & E...

CVE-2025-12060 Keras keras.utils.get_file Utility Path Traversal Vulnerability

The keras.utils.getfile API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special...

CLSA-2025-1760982776 python3: Fix of CVE-2025-8194

Bump package Release to 21.0.5 - CVE-2025-8194: tarfile: validate archives to ensure member offsets are non-negative...

CLSA-2024-1728403634 python3: Fix of CVE-2024-4032

CVE-2024-4032: update ipaddress module to reflect latest IANA Special-Purpose Address Registries...

CLSA-2024-1720178375 python2: Fix of CVE-2024-0450

CVE-2024-0450: Make zipfile module reject zip archives which overlap entries in the archive. Prevent “quoted-overlap” zip-bombs exploit...

SUSE-SU-2024:0437-1 Security update for python

This update for python fixes the following issues: - CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character bsc1210638...

CLSA-2022-1669240479 python: Fix of CVE-2022-45061

CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.0.1-tuxcare.els...

SUSE-SU-2021:14198-1 Security update for python

This update for python fixes the following issues: Security issue fixed: - CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955...

OPENSUSE-SU-2020:1859-1 Security update for python

This update for python fixes the following issues: - bsc1177211 CVE-2020-26116 no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers. This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2020:3115-1 Security update for python

This update for python fixes the following issues: - bsc1177211 CVE-2020-26116 no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers...

OPENSUSE-SU-2019:1988-1 Security update for python

This update for python fixes the following issues: - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation bsc1141853. This update was imported from the SUSE:SLE-15:Update update project...