python-urllib3: ReDoS in the parsing of authority part of URL

A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. This flaw causes a denial of service if a URL is passed as a parameter or redirected via an HTTP redirect. T...

python39:3.9 and python39-devel:3.9 security update

modwsgi 4.7.1-4 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz1877430 4.7.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora33MassRebuild 4.7.1-2 - Rebuilt for Python 3.9 4.7.1-1 - update to 4.7.1 1721376 numpy 1.19.4-3 - Adjusted the postun scriptlets to enable...

CentOS 8 : python39:3.9 and python39-devel:3.9 (CESA-2021:4160)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4160 advisory. - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 - python-ipaddress: Improper input validation ...

python-urllib3: ReDoS in the parsing of authority part of URL

A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. This flaw causes a denial of service if a URL is passed as a parameter or redirected via an HTTP redirect. T...

python-urllib3: ReDoS in the parsing of authority part of URL

A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. This flaw causes a denial of service if a URL is passed as a parameter or redirected via an HTTP redirect. T...

RLSA-2021:4160 Moderate: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

NewStart CGSL MAIN 6.02 : python-urllib3 Vulnerability (NS-SA-2021-0130)

The remote NewStart CGSL host, running version MAIN 6.02, has python-urllib3 packages installed that are affected by a vulnerability: - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the...

Critical Photon OS Security Update - PHSA-2021-0442

Updates of 'python-urllib3' packages of Photon OS have been released...

SUSE SLED12 / SLES12 Security Update : python-urllib3 (SUSE-SU-2021:3251-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3251-1 advisory. - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and...

SUSE: Security Advisory (SUSE-SU-2021:3251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:3251-1 Security update for python-urllib3

This update for python-urllib3 fixes the following security issue: - CVE-2020-26137: A CRLF injection via HTTP request method was fixed bsc1177120 Note that this was fixed in a previous version update to 1.25.9, this update just complements the tracking...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2021-2565)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2021-2541)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2021-2565)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF...

EulerOS 2.0 SP9 : python-urllib3 (EulerOS-SA-2021-2541)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF...

EulerOS 2.0 SP8 : python-urllib3 (EulerOS-SA-2021-2485)

According to the versions of the python-urllib3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2021-2485)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: Red Hat Automation Platform 1.2.5 security and bugfixes update

An update is now available for Red Hat Automation Platform 1.2.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

openSUSE: Security Advisory for aws-cli, (openSUSE-SU-2021:1206-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE 15 Security Update : aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (openSUSE-SU-2021:1206-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1206-1 advisory. - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control...