43 matches found
CLSA-2026-1779213441 python3.11: Fix of 11 CVEs
CVE-2026-4224: avoid unbound C recursion in convcontentmodel in pyexpat - CVE-2026-3644: reject control characters in http.cookies.Morsel.update - CVE-2026-0672: reject control characters in http.cookies.Morsel - CVE-2025-8291: check consistency of zip64 end of central directory record -...
CLSA-2026-1778233301 python3.9: Fix of 7 CVEs
CVE-2025-1795: fix incorrect parsing of email addresses with special chars - CVE-2025-4516: fix use-after-free in unicode-escape decoder with non-strict error handler - CVE-2025-6069: fix quadratic complexity in HTMLParser special input - CVE-2025-8291: fix zip64 end-of-central-directory record...
CLSA-2026-1778129970 python3.11: Fix of 7 CVEs
CVE-2026-0672: reject control characters in http.cookies cookie names, values, and parameters to prevent header injection - CVE-2026-3644: reject control characters in Morsel.update, |= operator, and unpickling paths missed by CVE-2026-0672; add output validation to BaseCookie.jsoutput -...
CLSA-2026-1776330599 python3.9: Fix of 11 CVEs
CVE-2025-8291: fix zipfile ZIP64 EOCD Locator offset validation - CVE-2025-6069: fix quadratic complexity in HTMLParser - CVE-2025-4516: fix use-after-free in unicode-escape decoder with error handler - CVE-2026-2297: ensure SourcelessFileLoader uses io.opencode - CVE-2026-3479: reject invalid...
EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2026-1141)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a defect in the CPython 'tarfile' module affecting the 'TarFile' extraction and entry enumeration APIs. The tar...
EulerOS Virtualization 2.10.0 : python3 (EulerOS-SA-2026-1192)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a defect in the CPython 'tarfile' module affecting the 'TarFile' extraction and entry enumeration APIs. The tar...
EulerOS 2.0 SP12 : python3 (EulerOS-SA-2026-1078)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to...
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2026-1057)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There is a defect in the CPython 'tarfile' module affecting the 'TarFile' extraction and entry enumeration APIs. The tar implementation would...
CLSA-2026-1767700458 python3: Fix of CVE-2025-4516
CVE-2025-4516: use-after-free in unicode-escape decoder with custom error handlers...
CLSA-2026-1767700070 python3: Fix of CVE-2025-4516
CVE-2025-4516: use-after-free in unicode-escape decoder with custom error handlers...
EulerOS Virtualization 2.13.0 : python3 (EulerOS-SA-2025-2614)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the...
cpython: python: CPython DecodeError Handling Vulnerability
A vulnerability has been identified in CPython's bytes.decode function when used with the "unicodeescape" encoding and the "ignore" or "replace" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2508)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2469)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2488)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2529)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
EUVD-2025-15156
Malicious code in bioql PyPI...
OESA-2025-2306 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
OESA-2025-2290 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
OESA-2025-2289 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...