Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

Security update for python-python-multipart

This update for python-python-multipart fixes the following issues: CVE-2026-24486: Fixed non-default configuration options can lead to path traversal bsc1257301. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:0307-1 Security update for python-python-multipart

This update for python-python-multipart fixes the following issues: - CVE-2026-24486: Fixed non-default configuration options can lead to path traversal bsc1257301...

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2026-24486

A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server's file system. This exploitation occurs when specific non-default...

CLSA-2026-1769510460 python3: Fix of CVE-2025-12084

CVE-2025-12084: optimize clearidcache function for faster performance when building nested elements with xml.dom.minidom methods like appendChild...

CLSA-2026-1769510148 python3: Fix of CVE-2025-12084

CVE-2025-12084: prevent quadratic algorithm when building nested elements by optimizing clearidcache dependency...

CLSA-2026-1769509482 python3.9: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

Exploit for CVE-2025-36911

WhisperPair Python CLI Fast Pair CVE-2025-36911 Exploit To...

CLSA-2026-1769508535 python2: Fix of CVE-2025-12084

CVE-2025-12084: fix quadratic algorithm in clearidcache method when building nested elements using xml.dom.minidom appendChild method...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

Important: Red Hat Security Advisory: python-s3transfer security update

An update for python-s3transfer is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Malicious code in solhint-plugin-hyperlane (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5f1d66ba0771661e6786da7d4953af3fc1ff1e280d1c666abd1e69e481274747 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

CVE-2015-5153 vulnerabilities

Vulnerabilities for packages: py3-pulp...

GHSA-9M5J-4XX9-44J9 vulnerabilities

Vulnerabilities for packages: py3-pulp...