Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 - React2shell A Python 2.7 exploit for CVE-2...

Astra Linux - уязвимость в python2.7, python3.7

A flaw was discovered in Python, specifically in the FTP File Transfer Protocol client library when operating in PASV passive mode. The issue arises from how the FTP client defaults to trusting the host based on the PASV response. This flaw allows an attacker to create a malicious FTP server that...

Astra Linux - уязвимость в python2.7

The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that include square brackets, which is not valid according to RFC 3986. Square brackets are only intended to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could lead to...

Astra Linux - уязвимость в python3.7, python2.7

There is a flaw in the urllib’s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server to which an HTTP client such as a web browser connects can trigger a Regular Expression Denial of Service ReDOS during an authentication request. This occurs when the server sends a...

Astra Linux - уязвимость в python2.7, python3.7

A use-after-free exists in Python through version 3.9 via the heappushpop function in the heapq module...

Ubuntu: Security Advisory (USN-8018-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8018-3 python2.7 vulnerabilities

USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7. Original advisory details: Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this iss...

USN-8018-3: Python 2.7 vulnerabilities

USN-8018-1 fixed CVE-2025-12084, CVE-2025-15282, CVE-2026-0672, CVE-2026-0865 for python3. This update provides the corresponding updates for python2.7. Original advisory details: Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this iss...

python27:2.7 security and bug fix update

An update is available for python-mock, module.python-sqlalchemy, python-backports-sslmatchhostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python-psycopg2, python2-six, module.python-funcsigs, module.python-pygments,...

RLSA-2023:5994 Important: python27:2.7 security update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

python27:2.7 security update

An update is available for python-mock, module.python-sqlalchemy, python-backports-sslmatchhostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python2-six, module.python-funcsigs, module.python-pygments,...

RockyLinux 8 : python27:2.7 (RLSA-2023:5994)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5994 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that Nessus...

Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...

SUSE-SU-2026:0337-1 Security update for python

This update for python fixes the following issues: - Modified CVE-2025-6075 fix to not use re.ASCII flag not available in Python 2.7 bsc1257064...

MiracleLinux 8 : python27:2.7 (AXSA:2021-1555:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1555:01 advisory. python: infinite loop in the tarfile module via crafted TAR archive CVE-2019-20907 python-pip: directory traversal in downloadhttpurl function in...

MiracleLinux 8 : python27:2.7 (AXSA:2022-4445:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4445:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107. Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : python27:2.7 (AXSA:2023-6555:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6555:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python27:2.7 (AXSA:2020-969:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-969:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python: Cookie domain check...

MiracleLinux 8 : python27:2.7 (AXSA:2021-2091:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2091:01 advisory. python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 python-urllib3: CRLF injection via HTTP request method...

MiracleLinux 7 : python-2.7.5-48.0.1.el7.AXS7 (AXSA:2016-1185:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1185:04 advisory. IPy is a Python module for handling IPv4 and IPv6 Addresses and Networks in a fashion similar to perl's Net::IP and friends. The IP class allows a comfortabl...