Lucene search
K

48 matches found

EUVD
EUVD
added 2026/06/23 12:13 p.m.10 views

EUVD-2026-38437

picklescan before 1.0.4 fails to block at least seven Python standard library modules including uuid, osxsupport, aixsupport, pyrepl.pager, and imaplib exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked...

9.8CVSS6.7AI score0.00757EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51510

Name of the Vulnerable Software and Affected Versions picklescan versions prior to 1.0.4 Description The software fails to block at least seven Python standard library modules, including uuid, osx support, aix support, pyrepl.pager, and imaplib. This oversight exposes eight functions that allow...

9.8CVSS6.2AI score0.00757EPSS
Exploits0References10
Fedora
Fedora
added 2026/05/23 4:1 p.m.12 views

[SECURITY] Fedora 42 Update: python3.15-3.15.0~b1-1.fc42

Python 3.15 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.15 package provides the "python3.15" executable:...

9.1CVSS6.5AI score0.00579EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/17 7:24 p.m.2 views

cpython: Out-of-memory when loading Plist

A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations...

5.5CVSS6.4AI score0.00193EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/17 6:54 p.m.2 views

cpython: Out-of-memory when loading Plist

A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations...

5.5CVSS6.4AI score0.00193EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/10 7:25 p.m.1 views

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/10 7:25 p.m.2 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS7AI score0.01525EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/10 7:25 p.m.1 views

cpython: Out-of-memory when loading Plist

A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations...

5.5CVSS6.4AI score0.00193EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/02 12:7 p.m.6 views

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

5.9CVSS7AI score0.00315EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/30 11:1 a.m.4 views

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

5.9CVSS7AI score0.00315EPSS
Exploits0References7
Fedora
Fedora
added 2026/03/29 1:9 a.m.8 views

[SECURITY] Fedora 42 Update: python3.11-3.11.15-2.fc42

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

7.1CVSS5.9AI score0.00308EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/23 4:6 p.m.7 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.0036EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/23 3:31 a.m.13 views

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

5.9CVSS5.7AI score0.00315EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/23 2:43 a.m.8 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.0036EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/23 2:17 a.m.9 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.0036EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/23 1:42 a.m.11 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.0036EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/23 1:42 a.m.4 views

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

5.9CVSS7AI score0.00315EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/23 1:32 a.m.7 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.0036EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/19 5:57 p.m.9 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS5.7AI score0.0036EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/18 6:13 p.m.8 views

CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...

6AI score0.00238EPSS
Exploits0References7
Rows per page
Query Builder