python-pyasn1 security update

0.4.8-7 - Resolves: RHEL-148154...

RHEL 9 : python-pyasn1 (RHSA-2026:3359)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3359 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

python311-Django4-4.2.28-1.1 on GA media (moderate)

python311-Django4-4.2.28-1.1 on GA media Announcement ID: openSUSE-SU-2026:10247-1 Rating: moderate Cross-References: CVE-2025-13473 CVE-2025-14550 CVE-2026-1207 CVE-2026-1285 CVE-2026-1287 CVE-2026-1312 CVSS scores: CVE-2025-13473 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N...

ALSA-2026:3359 Important: python-pyasn1 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

RLSA-2026:3094 Important: protobuf security update

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: python: protobuf:...

RLSA-2026:3095 Important: protobuf security update

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data. Security Fixes: python: protobuf:...

Exploit for CVE-2026-26198

versions 0.9.9 through 0.22.0, when performing Vulnerability...

python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...

Important: Red Hat Security Advisory: protobuf security update

An update for protobuf is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Exploit for CVE-2025-30401

👻 GhostPort: WhatsApp Web Stager PoC 📌 Project Overview GhostP...

python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...

python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...

Important: Red Hat Security Advisory: protobuf security update

An update for protobuf is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

MAL-2026-1018 Malicious code in do-not-install-this-package-003 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b7a8f2037bd4c28a5474af17179da0c12e37019623f5efa4d081d60758d4ac9 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...

SUSE-SU-2026:0613-1 Security update for python310

This update for python310 fixes the following issues: - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. - CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...

SUSE-SU-2026:0612-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. - CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using...

acceldata-o2a (=1.0.0), aglow (>=0.1.0rc3 <=0.1.0rc4) +30 more potentially affected by CVE-2024-56373 via apache-airflow (>=2.0.0 <=2.11.0)

apache-airflow PYPI version =2.0.0, =0.1.0rc3, =0.1.0, =0.6.0, =0.0.1, =0.6.4, =1.0.0, =0.2.0, =2.10.3, =0.3.12, =1.8.0rc2, =4.3.0, =6.0.1 and more Source cves: CVE-2024-56373 Source advisory: SNYK:PYTHON-APACHEAIRFLOW-15339025...

CLSA-2026-1771931183 python2: Fix of CVE-2025-15367

CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via embedded newlines...

CLSA-2026-1771930823 python2: Fix of CVE-2025-15367

CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via embedded newlines...

MAL-2026-1004 Malicious code in request-httpx-9 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d8547656202b4eac0d914d466c2fe1d3bf17210c63af75ac2d8e020f5d0ef28c The package contains a Telegram bot running allowing for remote access. This functionality is disclosed in the readme, but the package name clearly indicates...