12249 matches found
Moderate: python3 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: python-setuptools security update
The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. Security Fixes: pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 For more details abo...
[SECURITY] [DLA 3329-1] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3329-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 20, 2023 https://wiki.debian.org/LTS -...
Python < 3.7.17, 3.8.x < 3.8.17, 3.9.x < 3.9.17, 3.10.x < 3.10.12, 3.11.x < 3.11.4 RCE Vulnerability - Windows
Python is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Python < 3.7.17, 3.8.x < 3.8.17, 3.9.x < 3.9.17, 3.10.x < 3.10.12, 3.11.x < 3.11.4 RCE Vulnerability - Linux
Python is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Python < 3.7.17, 3.8.x < 3.8.17, 3.9.x < 3.9.17, 3.10.x < 3.10.12, 3.11.x < 3.11.4 RCE Vulnerability - Mac OS X
Python is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
CVE-2023-24329 vulnerabilities
Vulnerabilities for packages: python...
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
Security feature bypass
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
UBUNTU-CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
Python 输入验证错误漏洞
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. An input validation error vulnerability exists in Python versions prior to 3.11, which stems from a vulnerability...
PSF-2023-1 urlparse does not correctly handle schemes
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...
CVE-2023-24329
The CVE-2023-24329 issue is in Python's urllib.parse (before 3.11.4) where URLs starting with blank characters bypass blocklists. In practice, this can undermine domain/protocol filtering and potentially enable SSRF or related impacts as described. Affected versions include Python releases prior ...
CVE-2022-26032
Uncontrolled search path element in the IntelR Distribution for Python programming language before version 2022.1 for IntelR oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access...
Privilege escalation
Uncontrolled search path element in the IntelR Distribution for Python programming language before version 2022.1 for IntelR oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2022-26032
CVE-2022-26032 affects the Intel® Distribution for Python within the Intel® oneAPI Toolkits, where an uncontrolled search path element in Python prior to 2022.1 can enable privilege escalation via local access for authenticated users. The issue impacts Intel® Distribution for Python