cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

Moderate: Red Hat Security Advisory: python3.9 security update

An update for python3.9 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHSA-2026:4147 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4146 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4144 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4145 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4143 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4142 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4140 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4141 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4139 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

RHSA-2026:4138 Red Hat Security Advisory: python-pyasn1 security update

Bulletin has no description...

CLSA-2026-1773136115 python3.9: Fix of CVE-2025-13837

CVE-2025-13837: fix a potential denial of service in plistlib GH-119343...

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

cpython: email header injection due to unquoted newlines

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules,...

pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...