6 matches found
EUVD-2018-10453
Malware in sbrugna...
Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2025-1096)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1096 advisory. urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disab...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-1323)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This...
CVE-2024-34581
The W3C XML Signature Syntax and Processing XMLDsig specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and this may have...
CVE-2024-34581
CVE-2024-34581 concerns the XML Signature Syntax and Processing (XMLDsig) RetrievalMethod usage, where SSRF risks may arise in implementations that process KeyInfo/RetrievalMethod data. The initial description notes that mitigations were added in XMLDsig 1.1 and 2.0 via a Best Practices document....
Fedora 32 : moodle (2021-50f63a0161)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-50f63a0161 advisory. - The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...