Количество 63
Количество 63
ROS-20240905-02
Уязвимость python3
RLSA-2024:6146
Moderate: python3.12 security update
GHSA-87qc-q3w7-7m8w
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.
ELSA-2024-6179
ELSA-2024-6179: python3.11 security update (MODERATE)
ELSA-2024-6163
ELSA-2024-6163: python3.9 security update (MODERATE)
ELSA-2024-6146
ELSA-2024-6146: python3.12 security update (MODERATE)
BDU:2025-12325
Уязвимость модуля email интерпретатора языка программирования Python, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
SUSE-SU-2024:3302-1
Security update for python3
SUSE-SU-2024:3293-1
Security update for python36
SUSE-SU-2024:3076-1
Security update for python39
CVE-2024-8088
There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected.
CVE-2024-8088
There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected.
CVE-2024-8088
There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected.
CVE-2024-8088
CVE-2024-8088
There is a HIGH severity vulnerability affecting the CPython "zipfile" ...
CVE-2024-4032
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.
CVE-2024-4032
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.
CVE-2024-4032
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.
CVE-2024-4032
CVE-2024-4032
The \u201cipaddress\u201d module contained incorrect information about ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | ROS-20240905-02 Уязвимость python3 | CVSS3: 5.5 | 0% Низкий | около 1 года назад |
 | RLSA-2024:6146 Moderate: python3.12 security update | 0% Низкий | около 1 года назад | |
| GHSA-87qc-q3w7-7m8w There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. | CVSS3: 5.5 | 0% Низкий | больше 1 года назад |
| ELSA-2024-6179 ELSA-2024-6179: python3.11 security update (MODERATE) | около 1 года назад | ||
| ELSA-2024-6163 ELSA-2024-6163: python3.9 security update (MODERATE) | около 1 года назад | ||
| ELSA-2024-6146 ELSA-2024-6146: python3.12 security update (MODERATE) | около 1 года назад | ||
 | BDU:2025-12325 Уязвимость модуля email интерпретатора языка программирования Python, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 5.5 | 0% Низкий | больше 1 года назад |
 | SUSE-SU-2024:3302-1 Security update for python3 | около 1 года назад | ||
| SUSE-SU-2024:3293-1 Security update for python36 | около 1 года назад | ||
| SUSE-SU-2024:3076-1 Security update for python39 | около 1 года назад | ||
 | CVE-2024-8088 There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. | 0% Низкий | около 1 года назад | |
 | CVE-2024-8088 There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. | CVSS3: 5.3 | 0% Низкий | около 1 года назад |
 | CVE-2024-8088 There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. | 0% Низкий | около 1 года назад | |
 | 0% Низкий | около 1 года назад | ||
| CVE-2024-8088 There is a HIGH severity vulnerability affecting the CPython "zipfile" ... | 0% Низкий | около 1 года назад | |
| CVE-2024-4032 The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
| CVE-2024-4032 The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior. | CVSS3: 3.7 | 1% Низкий | больше 1 года назад |
| CVE-2024-4032 The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
| CVSS3: 7.5 | 1% Низкий | 8 месяцев назад | |
| CVE-2024-4032 The \u201cipaddress\u201d module contained incorrect information about ... | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу