SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2019:2053-1)

This update for python3 fixes the following issues : CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document bsc1109847. CVE-2018-1000802: Fixed a comma...

PT-2019-2858 · Python +6 · Python +6

Name of the Vulnerable Software and Affected Versions: Python affected versions not specified Description: The issue is related to errors in handling registration data in the urllib.parse.urlsplit and urllib.parse.urlparse functions of the Python programming language interpreter. Exploitation of...

Updated python packages fix security vulnerability

A vulnerability was found in Python 2.x through 2.7.16. An improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization could lead to an Information Disclosure credentials, cookies, etc. that are cached against a given hostname in the urllib.parse.urlsplit,...

Django two url jump vulnerability analysis: CVE-2017-7233&7234-vulnerability warning-the black bar safety net

! Django official News&Event in the 4 on 4, released a security update that fixes two URL jump loopholes, one is the urlparse pot, the other by long Dinh tech security researcher phithon report, are very beautiful. Because there are replicate Django vulnerability of habit, the evening pumping up...

Django is_safe_url() the URL to jump to the filter function of the Bypass（CVE-2017-7233）

Source: same thread safety Emergency Response Center Author: Nearg1e@YSRC Foreign security researcher roks0n provided to the Django official of a vulnerability. On issafeurl function Django comes with a function: django. utils. http. issafeurlurl, host=None, allowedhosts=None, requirehttps=False...

Fedora 25 : curl (2016-89769648a0)

fix cookie injection for other servers CVE-2016-8615 - compare user/passwd case-sensitively while reusing connections CVE-2016-8616 - base64: check for integer overflow on large input CVE-2016-8617 - fix double-free in krb5 code CVE-2016-8619 - fix double-free in curlmaprintf CVE-2016-8618 - fix...

python security, bug fix, and enhancement update

2.6.6-51 - Fixed memory leak in ssl.getpeeraltnames Resolves: rhbz1002983 2.6.6-50 - Added fix for CVE-2013-4238 Resolves: rhbz998784 2.6.6-49 - Fix shebangs in several files in python-tools subpackage Resolves: rhbz521898 2.6.6-48 - Fix sqlite3.Cursor.lastrowid under a Turkish locale. Resolves:...

phpBB 2.0.15 - highlight PHP Remote Code Execution

phpBB 2.0.15 - highlight PHP Remote Code Execution tested and working /str0ke !/usr/bin/pyth0n this exploit for phpBB 2.0.15 print "\nphpBB 2.0.15 arbitrary command execution eXploit" emulates a shell, print " 2005 by [email protected]" rather than print " well, just because there is none."...