795 matches found
USN-5812-1 python-urllib3 vulnerability
It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service...
Fedora: Security Advisory for GitPython (FEDORA-2022-ce7369b9ec)
The remote host is missing an update for the...
[SECURITY] Fedora 36 Update: GitPython-3.1.30-1.fc36
GitPython is a python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. It provides abstractions of git objects for easy access of repository data, and additionally allows you to access the git repository more directly using either a...
[SECURITY] Fedora 37 Update: GitPython-3.1.30-1.fc37
GitPython is a python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. It provides abstractions of git objects for easy access of repository data, and additionally allows you to access the git repository more directly using either a...
CVE-2022-23485
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...
Design/Logic Flaw
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...
PYSEC-2022-43011
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...
CVE-2022-23485
CVE-2022-23485 affects the Sentry Python library prior to 22.11.0. An attacker with a known valid invite link could manipulate a cookie to reuse the same invite across multiple accounts when joining an organization, enabling creation of multiple users and unauthorized organization membership. The...
CVE-2022-23485 Invite code reuse via cookie manipulation in sentry
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...
CVE-2022-23485 Invite code reuse via cookie manipulation in sentry
Sentry is an error tracking and performance monitoring platform. In versions of the sentry python library prior to 22.11.0 an attacker with a known valid invite link could manipulate a cookie to allow the same invite link to be reused on multiple accounts when joining an organization. As a result...
GHSA-M8XW-9X5X-6VH3 py7zr directory traversal vulnerability
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
CVE-2022-44900
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
CVE-2022-44900
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
Directory traversal
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
CVE-2022-44900
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
CVE-2022-44900
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
CVE-2022-44900
CVE-2022-44900: A directory traversal vulnerability in the Python py7zr library (v0.20.0 and earlier) affects SevenZipFile.extractall(), allowing an attacker to write arbitrary files when extracting crafted 7z archives. The issue is documented across multiple advisories (Ubuntu, Debian, OpenVAS,...
CVE-2022-44900
A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...
Unblob - Extract Files From Any Kind Of Container Formats
unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. Unblob is free to use,...
aicrowd-cli (>=0.1.8 <=0.1.15), aim-cli (>=1.0.0 <=1.2.7rc4) +457 more potentially affected by CVE-2022-24439 via gitpython (>=0.3.4 <=3.1.3)
gitpython PYPI version =0.3.4, =0.1.8, =1.0.0, =1.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.3, =6.1.3, =0.0.3, =0.0.0, =0.1.0, =0.1.0, =0.2.0, =0.3.1 and more Source cves: CVE-2022-24439 Source advisory: SNYK:PYTHON-GITPYTHON-3113858...