53 matches found
SUSE-SU-2025:03028-1 Security update for python-future
This update for python-future fixes the following issues: - CVE-2025-50817: Fixed arbitrary code execution via the automatic import of file test.py bsc1248124...
SUSE CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
Withdrawn Advisory: Python-Future Module Arbitrary Code Execution via Unintended Import of test.py
Withdrawn Advisory This advisory has been withdrawn because it describes a documented feature of Python’s import system in the handling of sys.path. For more information, see https://github.com/PythonCharmers/python-future/issues/650. Original Description A vulnerability in the Python-Future 1.0....
GHSA-XQRQ-4MGF-FF32 Withdrawn Advisory: Python-Future Module Arbitrary Code Execution via Unintended Import of test.py
Withdrawn Advisory This advisory has been withdrawn because it describes a documented feature of Python’s import system in the handling of sys.path. For more information, see https://github.com/PythonCharmers/python-future/issues/650. Original Description A vulnerability in the Python-Future 1.0....
CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
UBUNTU-CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
PT-2025-33349
Name of the Vulnerable Software and Affected Versions: Python-Future version 1.0.0 Description: A vulnerability in the Python-Future module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if presen...
CVE-2025-50817
Summary of CVE-2025-50817 : IBM security bulletins describe an arbitrary code execution in Python-Future 1.0.0 via unintended import of a local file named test.py when the module is loaded. The risk relies on an attacker who can write files to the server; Python’s import mechanism loads test.py f...
CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
CVE-2025-50817
A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker...
python-future 安全漏洞
python-future is a Python compatible software open source by Python Charmers. A security vulnerability exists in python-future version 1.0.0, which stems from the automatic import of the test.py file and could lead to the execution of arbitrary code...
CVE-2025-50817
Removed by vendor...
RHEL 7 : future (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-future: remote attackers can cause denial of service via crafted Set-Cookie header from malicious web server...
RHEL 8 : RHUI 4.4.0 - Security Fixes, Bug Fixes, and Enhancements Update (Moderate) (RHSA-2023:2101)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2101 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...
RHEL 8 : Satellite 6.13.3 Async Security Update (Important) (RHSA-2023:4466)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4466 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
Medium: future
Issue Overview: An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. CVE-2022-40899 Affected Packages: future Issue Correction: Run dnf update future --releasever...
Mageia: Security Advisory (MGASA-2023-0030)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated python-future packages fix security vulnerability
Excessive CPU usage via a crafted Set-Cookie header CVE-2022-40899...
MGASA-2023-0030 Updated python-future packages fix security vulnerability
Excessive CPU usage via a crafted Set-Cookie header CVE-2022-40899...