195 matches found
AZL-57675 CVE-2025-1795 affecting package python3 for versions less than 3.9.19-13
During address list folding, when a separating comma ends up on a folded line and that line is to be unicode-encoded, the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plain comma. This can result in the address header being misinterpreted...
CVE-2025-1795
During address list folding, when a separating comma ends up on a folded line and that line is to be unicode-encoded, the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plain comma. This can result in the address header being misinterpreted...
CVE-2025-1795
During address list folding, when a separating comma ends up on a folded line and that line is to be unicode-encoded, the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plain comma. This can result in the address header being misinterpreted...
DEBIAN-CVE-2025-1795
During address list folding, when a separating comma ends up on a folded line and that line is to be unicode-encoded, the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plain comma. This can result in the address header being misinterpreted...
CVE-2025-1795 Mishandling of comma during folding and unicode-encoding of email headers
During address list folding, when a separating comma ends up on a folded line and that line is to be unicode-encoded, the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plain comma. This can result in the address header being misinterpreted...
CVE-2025-1795 Mishandling of comma during folding and unicode-encoding of email headers
During address list folding, when a separating comma ends up on a folded line and that line is to be unicode-encoded, the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plain comma. This can result in the address header being misinterpreted...
CVE-2025-1795
The CVE-2025-1795 issue is a real vulnerability affecting the Python ecosystem (notably the email module) where, during address list folding, a separating comma on a folded line could be Unicode-encoded along with the line, causing the comma to lose its intended meaning and potentially misinterpr...
PSF-2025-3
During address list folding, when a separating comma ends up on a folded line and that line is to be unicode-encoded, the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plain comma. This can result in the address header being misinterpreted...
CPython Security Vulnerability
CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from commas being Unicode-encoded when collapsing address lists, which could cause mail servers to misinterpret address headers...
PT-2025-9128
Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.13.2; Python versions prior to 3.12.9; Python versions prior to 3.11.12; python3.9 affected versions not specified. Description: The issue relates to incorrect handling of commas during address list folding and Unicode...
PT-2025-23103 · Git +1 · Espeak-Ng
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: The software suffers from a stack-buffer-overflow read issue. The crash state involves utf8_in2, MatchRule, and TranslateRules. Recommendations: At the moment...
CVE-2022-25987
Improper handling of Unicode encoding in source code to be compiled by the Intel(R) C++ Compiler Classic before version 2021.6 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
Artifex Ghostscript Security Vulnerability
Artifex Ghostscript is a free software package from Artifex, Inc. based on Adobe, PostScript, and the Portable Document Format page description language. A security vulnerability exists in Artifex Ghostscript prior to version 10.04.0, which stems from a directory traversal vulnerability due to lo...
PT-2024-40609 · Poco · Poco
Name of the Vulnerable Software and Affected Versions: Poco, affected versions not specified. Description: The issue is related to a crash caused by an unknown read. Technical details about the crash include the involvement of Poco::UTF16Encoding::queryConvert, Poco::TextConverter::convert, and...
Improper Handling of Unicode Encoding
Overview: Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding via the command line argument processing. An attacker can manipulate command line inputs to inject unintended arguments or traverse directories by providing malicious filenames containing Unicode...
PT-2024-40829 · Unknown · Checkstyle
Name of the Vulnerable Software and Affected Versions: Checkstyle, affected versions not specified. Description: A security exception occurs in the JavaLanguageParser.expr function, potentially related to encoding issues in the UTF_8.updatePositions and UTF_8$Encoder.encodeArrayLoop functions...
USN-6891-1: Python vulnerabilities
It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. CVE-2015-20107 It was discovered that Python incorrectly used regular expressions vulnerable to...
DEBIAN-CVE-2023-52389
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert and Poco::UTF32::queryConvert may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. This is fixed in...
Improper Unicode Encoding
github.com/ewen-lbh/ffcss is vulnerable to Improper Handling Of Unicode Encoding. The vulnerability arises due to the use of late Unicode normalization of type NFKD in the lookupPreprocess method. It is possible to bypass validation on this method by a specially crafted Unicode input...
PT-2023-35660 · Unknown · Checkstyle
Name of the Vulnerable Software and Affected Versions: Checkstyle, affected versions not specified. Description: A security exception occurs in the JavaLanguageParser.expr function, potentially related to encoding issues in the UTF_8.updatePositions and UTF_8$Encoder.encodeArrayLoop functions...