ROS-20260505-73-0029

A vulnerability in the appendChild and clearidcache functions of the Python programming language interpreter CPython is related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0061

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

RHEL 9 : python3.11 (RHSA-2026:13692)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13692 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

SUSE SLES16 Security Update : python-jwcrypto (SUSE-SU-2026:21425-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:21425-1 advisory. - CVE-2026-39373: weak mitigation for JWT bomb attack in the deserialize function can lead to memory exhaustion via crafted compressed JWE...

ROS-20260505-73-0060

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

ROS-20260505-73-0053

A vulnerability in the http.cookies.Morsel component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

ROS-20260505-73-0015

A vulnerability in the ElementDeclHandler component of the Python Programming Language Interpreter CPython is related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Oracle Linux 7 : python (ELSA-2026-9614)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9614 advisory. 2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

PT-2026-37256

Name of the Vulnerable Software and Affected Versions JupyterLab versions prior to 4.5.7 Description The PyPI Extension Manager does not correctly enforce the allowed extensions uris allow-list, allowing the installation of packages not listed on the default PyPI index. This issue affects...

ROS-20260505-73-0062

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

ROS-20260505-73-0021

A vulnerability in the os.path.expandvars function of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260505-73-0014

A vulnerability in the http.cookies library of the Python programming language interpreter CPython is related to improper encoding or escaping of output data. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information...

ROS-20260505-73-0039

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260505-73-0010

A vulnerability in the http.cookies library of the Python programming language interpreter CPython is related to improper encoding or escaping of output data. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality and integrity of protected information...

ROS-20260505-73-0036

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260505-73-0050

A vulnerability in the http.cookies.Morsel component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

ROS-20260505-73-0048

A vulnerability in the urllib.request.DataHandler component of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...

ROS-20260505-73-0042

Vulnerability in python3.11 related to failure to take measures to neutralize crlf sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0044

Vulnerability in python3.13 related to failure to take measures to neutralize crlf sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0041

Vulnerability in python3.10 related to failure to take measures to neutralize crlf sequences. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...