Количество 887
Количество 887
BDU:2022-05830
Уязвимость компонента urllib интерпретатора языка программирования Python, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2023:2639-1
Security update for python
SUSE-SU-2023:0868-1
Security update for python3
SUSE-SU-2023:0736-1
Security update for python3
SUSE-SU-2023:0662-1
Security update for python36
SUSE-SU-2021:14198-1
Security update for python
SUSE-RU-2020:1342-1
Recommended update for python3
RLSA-2023:3595
Important: python3.9 security update
RLSA-2023:3594
Important: python3.11 security update
RLSA-2023:3591
Important: python3 security update
RLSA-2023:3585
Important: python3.11 security update
GHSA-r32r-rqw2-wv5m
An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
GHSA-8mcc-mjj5-h77m
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.
GHSA-6w45-gwrj-v625
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows ...
CVE-2019-16056
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.
CVE-2019-16056
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-05830 Уязвимость компонента urllib интерпретатора языка программирования Python, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | SUSE-SU-2023:2639-1 Security update for python | 1% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:0868-1 Security update for python3 | 1% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:0736-1 Security update for python3 | 1% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:0662-1 Security update for python36 | 1% Низкий | больше 2 лет назад | |
| SUSE-SU-2021:14198-1 Security update for python | 1% Низкий | почти 5 лет назад | |
| SUSE-RU-2020:1342-1 Recommended update for python3 | 1% Низкий | больше 5 лет назад | |
 | RLSA-2023:3595 Important: python3.9 security update | 1% Низкий | около 2 лет назад | |
| RLSA-2023:3594 Important: python3.11 security update | 1% Низкий | около 2 лет назад | |
| RLSA-2023:3591 Important: python3 security update | 1% Низкий | больше 2 лет назад | |
| RLSA-2023:3585 Important: python3.11 security update | 1% Низкий | около 2 лет назад | |
| GHSA-r32r-rqw2-wv5m An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| GHSA-8mcc-mjj5-h77m An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| GHSA-6w45-gwrj-v625 Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. | 0% Низкий | больше 3 лет назад | |
 | CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows ... | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| CVE-2019-16056 An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally. | CVSS3: 7.5 | 1% Низкий | около 6 лет назад |
| CVE-2019-16056 An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally. | CVSS3: 7.3 | 1% Низкий | больше 7 лет назад |
Уязвимостей на страницу