62 matches found

OpenVAS
added 2021/09/12 12:00 a.m. · 21 views

Python 2.7.x < 2.7.17, 3.5.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 Information Disclosure Vulnerability (bpo-36742) - Windows

Python is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

9.5 AI score
Exploits: 0 · References: 2

Github Security Blog
added 2021/05/17 8:51 p.m. · 76 views

Open Redirect in Flask-Security-Too

Impact: Flask-Security allows redirects after many successful views (e.g. /login) by honoring the ?next query param. There is code in FS to validate that the url specified in the next parameter is either relative OR has the same netloc (network location) as the requesting URL. This check utilizes...

6.1 CVSS · 5.3 AI score · 0.17067 EPSS
Exploits: 1 · References: 7 · Affected Software: 1

Tenable Nessus
added 2020/12/22 12:00 a.m. · 49 views

Virtuozzo 6 : python / python-devel / python-libs / python-test / etc (VZLSA-2019-1467)

An update for python is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8 CVSS · 7.2 AI score · 0.08764 EPSS
Exploits: 0 · References: 3

RedHat Linux
added 2019/11/06 9:47 a.m. · 110 views

Moderate: Red Hat Security Advisory: rh-python36-python security, bug fix, and enhancement update

An update for rh-python36-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

9.1 CVSS · 6.8 AI score · 0.0991 EPSS
Exploits: 7 · References: 12

RedHat Linux
added 2019/10/23 7:43 a.m. · 88 views

Important: Red Hat Security Advisory: python security update

An update for python is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

9.8 CVSS · 6.8 AI score · 0.08764 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2019/08/20 12:00 a.m. · 34 views

SUSE SLES12 Security Update : python3 (SUSE-SU-2019:2053-2)

This update for python3 fixes the following issues: CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 (bsc#1138459). CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document (bsc#1109847). CVE-2018-1000802: Fixed a comma...

9.8 CVSS · 7.3 AI score · 0.26492 EPSS
Exploits: 1 · References: 11

OSV
added 2019/08/15 9:42 a.m. · 4 views

OPENSUSE-SU-2019:1906-1 Security update for python

This update for python fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 (bsc#1138459). This update was imported from the SUSE:SLE-15:Update update project...

9.8 CVSS · 9.6 AI score · 0.01472 EPSS
Exploits: 0 · References: 3

Tenable Nessus
added 2019/08/12 12:00 a.m. · 45 views

SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2019:2053-1)

This update for python3 fixes the following issues: CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 (bsc#1138459). CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document (bsc#1109847). CVE-2018-1000802: Fixed a comma...

9.8 CVSS · 7.3 AI score · 0.26492 EPSS
Exploits: 1 · References: 11

OSV
added 2019/07/30 7:33 p.m. · 6 views

ALBA-2019:1954 python27:2.7 bug fix update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Bug Fixes:...

7.1 AI score
Exploits: 0 · References: 1

AlmaLinux
added 2019/07/30 7:33 p.m. · 19 views

python27:2.7 bug fix update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Bug Fixes:...

0.6 AI score
Exploits: 0 · References: 1

Rockylinux
added 2019/07/30 9:18 a.m. · 14 views

python3 bug fix update

An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Bug Fixes: urlsplit doesn't accept a NFKD hostname with a port number BZ17147...

0.5 AI score
Exploits: 0

RedHat Linux
added 2019/06/13 12:39 p.m. · 393 views

Important: Red Hat Security Advisory: python security update

An update for python is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8 CVSS · 6.8 AI score · 0.08764 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2019/06/07 12:00 a.m. · 2 views

PT-2019-2858 · Python +6 · Python +6

Name of the Vulnerable Software and Affected Versions: Python (affected versions not specified). Description: The issue is related to errors in handling registration data in the urllib.parse.urlsplit and urllib.parse.urlparse functions of the Python programming language interpreter. Exploitation of...

10 CVSS · 6.7 AI score · 0.90232 EPSS
Exploits: 119 · References: 920

RedHat Linux
added 2019/05/22 12:03 p.m. · 138 views

Important: Red Hat Security Advisory: python27-python and python27-python-jinja2 security and bug fix update

An update for python27-python and python27-python-jinja2 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

8.6 CVSS · 6.7 AI score · 0.0991 EPSS
Exploits: 3 · References: 8

RedHat Linux
added 2019/04/30 2:54 a.m. · 66 views

Important: Red Hat Security Advisory: rh-python35-python security update

An update for rh-python35-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

9.8 CVSS · 6.8 AI score · 0.08764 EPSS
Exploits: 0 · References: 4

RedHat Linux
added 2019/04/16 2:09 p.m. · 110 views

Important: Red Hat Security Advisory: rh-python36-python security update

An update for rh-python36-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

9.8 CVSS · 6.8 AI score · 0.08764 EPSS
Exploits: 0 · References: 4

RedHat Linux
added 2019/04/16 1:00 p.m. · 1 views

python: Information Disclosure due to urlsplit improper NFKC normalization

It was discovered that python's functions urllib.parse.urlsplit and urllib.parse.urlparse do not properly handle URLs encoded with Punycode/Internationalizing Domain Names in Applications (IDNA), which may result in a wrong domain name (specifically the netloc component of URL - user@domain:port) bei...

9.8 CVSS · 6.7 AI score · 0.08764 EPSS
Exploits: 0 · References: 5

Mageia
added 2019/04/10 10:07 p.m. · 60 views

Updated python packages fix security vulnerability

A vulnerability was found in Python 2.x through 2.7.16. An improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization could lead to an Information Disclosure (credentials, cookies, etc. that are cached against a given hostname) in the urllib.parse.urlsplit,...

9.8 CVSS · 2.3 AI score · 0.08764 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2019/04/09 12:00 a.m. · 58 views

Scientific Linux Security Update : python on SL7.x x86_64 (20190408)

Security Fixes: - python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux. include'compat.inc'; if description scriptid123917; scriptversion"1.4";...

9.8 CVSS · 7.3 AI score · 0.08764 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2019/04/09 12:00 a.m. · 36 views

RHEL 7 : python (RHSA-2019:0710)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0710 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

9.8 CVSS · 7.3 AI score · 0.08764 EPSS
Exploits: 0 · References: 5