35 matches found
Oracle Linux 9 : python3.9 (ELSA-2026-18693)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18693 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-167919, RHEL-168161 - Security fix for CVE-2026-4519 Resolves: RHEL-158117 Tenable has...
ROOT-OS-DEBIAN-12-CVE-2026-4519 CVE-2026-4519 in rootio-python3.11 - Patched by Root
Root has patched CVE-2026-4519 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...
python security update
2.6.6-68.0.6 - Fix CVE-2026-4519 Orabug: 39253111...
TencentOS Server 2: python3 (TSSA-2026:0282)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0282 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
CLSA-2026-1778000974 python3: Fix of CVE-2026-4519
CVE-2026-4519: reject leading dashes in webbrowser URLs to prevent CLI option injection in pydoc/subprocess...
Oracle Linux 7 : python (ELSA-2026-9614)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9614 advisory. 2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...
python security update
2.7.5-94.0.7 - Fix for CVE-2026-4519 Orabug: 39243798...
python3 security update
3.6.8-21.0.11 - Security update CVE-2026-4519 Orabug: 39246828...
CLSA-2026-1777456062 python3: Fix of CVE-2026-4519
CVE-2026-4519: reject leading dashes in webbrowser URLs...
Oracle Linux 9 : python3.12 (ELSA-2026-10745)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10745 advisory. - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-168156, RHEL-167914 - Security fix for CVE-2026-4519 Resolves: RHEL-158051 Tenable ha...
Fedora 44 : mingw-python3 (2026-3d13d52f58)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3d13d52f58 advisory. Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 ---- Update to python-3.11.15. Tenable has...
Oracle Linux 9 : python3.9 (ELSA-2026-10949)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10949 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-168157, RHEL-167915 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 Tenable...
Important: Red Hat Security Advisory: python3 security update
An update for python3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...
PSF-2026-17
Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability, which stems from incomplete mitigation measures for CVE-2026-4519, potentially leading to command injection attacks...
PT-2026-32545
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An incomplete mitigation allows for a bypass when a URL contains the string "%action". For certain browser types, this can lead to command injection into the...
python3.9 security update
3.9.25-3.0.1.el97.2 - Remove upstream URL reference 3.9.25-3.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 3.9.25-3.1 - Security fixes for CVE-2026-0865, CVE-2025-15366, CVE-2025-15367 and CVE-2026-1299 Resolves: RHEL-143108 RHEL-143169 RHEL-144893...