99 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-0391
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator URL strings into components. The issue...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python311 (SUSE-SU-2025:0551-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0551-1 advisory. - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Security update for python
This update for python fixes the following issues: CVE-2025-0938: functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:0552-1 Security update for python3
This update for python3 fixes the following issues: - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705...
SUSE-SU-2025:0551-1 Security update for python311
This update for python311 fixes the following issues: - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Other fixes: - Update to version 3.11.11. - Remove -IVendor/ from python-config. bsc1231795...
Security update for python
This update for python fixes the following issues: CVE-2025-0938: functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python3
This update for python3 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE SLES15 Security Update : python311 (SUSE-SU-2025:0419-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0419-1 advisory. - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Tenable has extracted the...
Security update for python36
This update for python36 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
Security update for python311
This update for python311 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:0419-1 Security update for python311
This update for python311 fixes the following issues: - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705...
Security update for python310
This update for python310 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
Security update for python39
This update for python39 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
SUSE-SU-2025:0386-1 Security update for python39
This update for python39 fixes the following issues: - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705...
SUSE CVE-2025-0938
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
OESA-2025-1028 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
OESA-2025-1027 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
BIT-PYTHON-2024-11168 Improper validation of IPv6 and IPvFuture addresses
The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser...
python: Improper validation of IPv6 and IPvFuture addresses
A flaw was found in Python. The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that weren't IPv6 or IPvFuture compliant. This behavior was not conformant to RFC 3986 and was potentially vulnerable to server-side request forgery SSRF if a URL is...