43 matches found
CVE-2024-56524
Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote attackers to bypass firewall filters by adding a special character to the request...
BIT-PYTHON-MIN-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
Amazon Linux 2 : python3 (ALAS-2024-2687)
The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2687 advisory. The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion ...
BIT-PYTHON-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is...
CVE-2024-45833 Mobile password gets saved in dictionary under conditions
Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which allows the password to get saved in the dictionary when the user has SwiftKey as the default keyboard, the masking is off and the password contains a...
CVE-2024-45833
Mattermost Mobile Apps <= 2.18.0 exposes passwords: the login autocomplete is not disabled when the password is typed and the visible password is selected, allowing the password to be saved in SwiftKey’s dictionary when a special character is used and masking is off. Affected: Mattermost Mobil...
CVE-2024-29737
CVE-2024-29737 concerns a command-injection flaw in Apache StreamPark (Project module). The vulnerability arises from lax validation of build parameters in the Maven integration, allowing an authenticated user with system-level permissions to inject commands via the Build Argument (demonstrated b...
Fedora 40 : python3.11 (2023-3c8c06b6bb)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-3c8c06b6bb advisory. Automatic update for python3.11-3.11.7-2.fc40. Changelog Mon Dec 18 2023 Lumír Balhar - 3.11.7-2 - Security fix for CVE-2023-27043 rhbz2196188 Tenable has...
Fedora 40 : python3.8 (2023-c69d73674a)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c69d73674a advisory. Automatic update for python3.8-3.8.18-3.fc40. Changelog Mon Dec 18 2023 Lumír Balhar - 3.8.18-3 - Security fix for CVE-2023-27043 rhbz2196193 Tenable has...
Fedora 40 : python3.10 (2023-254c1f3b69)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-254c1f3b69 advisory. Automatic update for python3.10-3.10.13-2.fc40. Changelog Mon Dec 18 2023 Lumír Balhar - 3.10.13-2 - Security fix for CVE-2023-27043 rhbz2196187 Tenable has...
Fedora 38 : mingw-python3 (2024-94e0390e4e)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-94e0390e4e advisory. Update to python3.11.8, backport fix for CVE-2023-27043. Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
SUSE SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2024:0595-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0595-1 advisory. - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2024:0581-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0581-1 advisory. - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special...
Oracle Linux 9 : python3.9 (ELSA-2024-0466)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0466 advisory. 3.9.18-1.1 - Security fix for CVE-2023-27043 Resolves: RHEL-20613 Tenable has extracted the preceding description block directly from the Oracle Linux security...
AlmaLinux 8 : python3 (ALSA-2024:0256)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0256 advisory. - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is...
CentOS 8 : python3 (CESA-2024:0256)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0256 advisory. - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is...
RHEL 8 : python3 (RHSA-2024:0256)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0256 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
Fedora 38 : python2.7 (2024-3ab90a5b01)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3ab90a5b01 advisory. Security fix for CVE-2023-27043 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 38 : python3.7 (2023-7d223ee343)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7d223ee343 advisory. Security fix for CVE-2023-27043 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
Fedora 39 : python3.10 (2023-c61a7d5227)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c61a7d5227 advisory. Security fix for CVE-2023-27043. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...