PYSEC-2019-20

verification.py in django-rest-registration aka Django REST Registration library before 0.5.0 relies on a static string for signatures i.e., the Django Signing API is misused, which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...

PYSEC-2019-10

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECUREPROXYSSLHEADER and SECURESSLREDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words,...

PYSEC-2019-257

http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service crash due to a NULL pointer dereference by returning a crafted response that lacks a space character...

PYSEC-2019-103

KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control issue 1 of 2...

PYSEC-2019-129

In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections...

PYSEC-2019-128

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF...

PYSEC-2019-163

aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in newaubiofilterbank via invalid nfilters...

PYSEC-2019-164

aubio v0.4.0 to v0.4.8 has a newaubioonset NULL pointer dereference...

PYSEC-2019-162

aubio v0.4.0 to v0.4.8 has a Buffer Overflow in newaubiotempo...

PYSEC-2019-109

DISPUTED A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code...

PYSEC-2019-199

A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...

PYSEC-2019-194

An access-control flaw was found in the Octavia service when the cloud platform was deployed using Red Hat OpenStack Platform Director. An attacker could cause new amphorae to run based on any arbitrary image. This meant that a remote attacker could upload a new amphorae image and, if requested t...

PYSEC-2019-79

An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provid...

PYSEC-2019-256

In libwebp 0.5.1, there is a double free bug in libwebpmux...

PYSEC-2019-6

Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim...

PYSEC-2019-242

Capstone 3.0.4 has an out-of-bounds vulnerability SEGV caused by a read memory access in X86insnregintel in arch/X86/X86Mapping.c...

PYSEC-2019-185

An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...

PYSEC-2019-223

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent...

PYSEC-2019-205

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent...

PYSEC-2019-230

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent...

PYSEC-2019-232

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory...

PYSEC-2019-204

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file...

PYSEC-2019-229

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file...

PYSEC-2019-225

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory...

PYSEC-2019-207

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory...

PYSEC-2019-235

NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file...

PYSEC-2019-228

NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file...

PYSEC-2019-210

NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file...

PYSEC-2019-222

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file...

PYSEC-2019-206

Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent...

PYSEC-2019-231

Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent...

PYSEC-2019-224

Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent...

PYSEC-2019-208

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code local...

PYSEC-2019-226

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code local...

PYSEC-2019-233

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code local...

PYSEC-2019-188

A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository...

PYSEC-2019-155

python-dbusmock before version 0.15.1 AddTemplate D-Bus method call or DBusTestCase.spawnservertemplate method could be tricked into executing malicious code if an attacker supplies a .pyc file...

PYSEC-2019-133

The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use o...

PYSEC-2019-198

OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticatio...

PYSEC-2019-132

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter...

PYSEC-2019-215

A number of HTTP endpoints in the Airflow webserver both RBAC and classic did not have adequate protection and were vulnerable to cross-site request forgery attacks...

PYSEC-2019-214

A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views...

PYSEC-2019-220

In Pallets Jinja before 2.8.1, str.format allows a sandbox escape...

PYSEC-2019-217

In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape...

PYSEC-2019-201

Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgihandler.py mishandle 404 errors...

PYSEC-2019-189

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those...

PYSEC-2019-127

In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field for which he has no access right. This may allow the user to guess values...

PYSEC-2019-158

In Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255...

PYSEC-2019-107

nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries aka nnabla through v1.0.14 relies on the HOME environment variable, which might be untrusted...

PYSEC-2019-165

The Serialize.deserialize method in CoAPthon 3.1, 4.0.0, 4.0.1, and 4.0.2 mishandles certain exceptions, leading to a denial of service in applications that use this library e.g., the standard CoAP server, CoAP client, CoAP reverse proxy, example collect CoAP server and client when they receive...