Lucene search
K

137 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 9:0 a.m.1 views

python-idna: idna: Denial of Service via specially crafted long inputs

A flaw was found in the idna library, which handles Internationalized Domain Names in Python applications. A remote attacker could exploit this vulnerability by sending specially crafted, excessively long inputs to the library's encoding function. This could cause the system to consume significan...

6.9CVSS6.1AI score0.00408EPSS
Exploits0References5
OSV
OSV
added 2026/06/24 9:39 p.m.3 views

SUSE-SU-2026:22356-1 Security update for python-idna

This update for python-idna fixes the following issue - CVE-2026-45409: specially crafted inputs to idna.encode can bypass earlier security fix bsc1265413...

6.9CVSS6.3AI score0.00408EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:39 p.m.2 views

SUSE-SU-2026:22271-1 Security update for python-idna

This update for python-idna fixes the following issue - CVE-2026-45409: specially crafted inputs to idna.encode can bypass earlier security fix bsc1265413...

6.9CVSS6.3AI score0.00408EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:38 p.m.3 views

OPENSUSE-SU-2026:21048-1 Security update for python-idna

This update for python-idna fixes the following issue - CVE-2026-45409: specially crafted inputs to idna.encode can bypass earlier security fix bsc1265413...

6.9CVSS5.8AI score0.00408EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/12 8:54 a.m.3 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python-idna: python3-idna-3.18-1.hum1 noarch python-idna-3.18-1.hum1.src src...

6.9CVSS6.4AI score0.00408EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/05 10:6 p.m.12 views

CVE-2026-45409

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

7.5CVSS6.6AI score0.01386EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/05 10:6 p.m.45 views

CVE-2026-45409

CVE-2026-45409 affects Python’s IDNA handling (idna.encode) in Python-idna. A specially crafted input could cause heavy resource consumption and potential DoS. The issue mirrors CVE-2024-3651; fixes were extended in 3.14–3.15 to reject long inputs earlier and more broadly (per-label conversions a...

6.9CVSS6.3AI score0.00408EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/28 3:40 p.m.6 views

SUSE-SU-2026:21914-1 Security update for python-idna

This update for python-idna fixes the following issue - CVE-2026-45409: specially crafted inputs to idna.encode can bypass earlier security fix bsc1265413...

6.9CVSS5.8AI score0.00408EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 3:0 p.m.5 views

SUSE-SU-2026:21873-1 Security update for python-idna

This update for python-idna fixes the following issue - CVE-2026-45409: specially crafted inputs to idna.encode can bypass earlier security fix bsc1265413...

6.9CVSS5.8AI score0.00408EPSS
Exploits0References3
OSV
OSV
added 2026/05/20 12:0 a.m.4 views

OPENSUSE-SU-2026:10829-1 python311-idna-3.15-1.1 on GA media

These are all security issues fixed in the python311-idna-3.15-1.1 package on the GA media of openSUSE Tumbleweed...

6.9CVSS5.8AI score0.00408EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : python-idna-2.10-7.el9_4.1 (AXSA:2024-8453:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8453:01 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 CVE-2024-3651 RESERVED Tenable has extracted th...

7.5CVSS8AI score0.01386EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : python-idna-2.5-7.el8_10 (AXSA:2024-8515:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8515:02 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description...

7.5CVSS8AI score0.01386EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 7 : python-idna-2.4-1.0.1.el7.AXS7 (AXSA:2025-11498:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11498:01 advisory. CVE-2024-3651: more efficient resolution of joiner contexts in idna library to avoid quadratic complexity that leads to a DoS condition CVEs: CVE-2024-3651 ...

7.5CVSS6.6AI score0.01386EPSS
Exploits1References2
OSV
OSV
added 2025/11/19 4:10 p.m.8 views

CLSA-2025-1763568610 python-idna: Fix of CVE-2024-3651

CVE-2024-3651: more efficient resolution of joiner contexts in idna library to avoid quadratic complexity that leads to a DoS condition...

7.5CVSS6.6AI score0.01386EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.2 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libffi (UTSA-2025-003039)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-003039 advisory. An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such...

7.5CVSS7.2AI score0.02453EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.4 views

NewStart CGSL MAIN 7.02 : python-idna Vulnerability (NS-SA-2025-0144)

The remote NewStart CGSL host, running version MAIN 7.02, has python-idna packages installed that are affected by a vulnerability: - A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises from the function's...

7.5CVSS6.7AI score0.01386EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 4: python-idna (TSSA-2024:0140)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0140 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS6.8AI score0.01386EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.9 views

python-idna security update

An update is available for python-idna. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The hsakmt packages include a thunk library for AMD's Heterogeneous Syste...

7.5CVSS7.5AI score0.01386EPSS
Exploits1
OSV
OSV
added 2025/05/07 7:11 p.m.6 views

RLSA-2024:4260 Moderate: python-idna security update

The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture HSA Linux kernel driver amdkfd. Security Fixes: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 For more details about the security issues, includi...

6.5CVSS8.1AI score0.01386EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.11 views

RockyLinux 8 : python-idna (RLSA-2024:4260)

The remote RockyLinux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:4260 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description bloc...

7.5CVSS6.8AI score0.01386EPSS
Exploits1References3
Rows per page
Query Builder