Количество 51
Количество 51
ELSA-2023-3550
ELSA-2023-3550: python security update (IMPORTANT)
CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.
CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.
CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.
CVE-2022-0391
CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse modul ...
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
CVE-2023-24329
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows ...
GHSA-75jm-2xrg-5wpf
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.
BDU:2022-02302
Уязвимость модуля urllib.parse интерпретатора языка программирования Python, позволяющая нарушителю внедрить произвольные данные в ответ сервера
SUSE-SU-2023:2639-1
Security update for python
SUSE-SU-2023:0868-1
Security update for python3
SUSE-SU-2023:0736-1
Security update for python3
SUSE-SU-2023:0662-1
Security update for python36
RLSA-2023:3595
Important: python3.9 security update
RLSA-2023:3594
Important: python3.11 security update
RLSA-2023:3591
Important: python3 security update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2023-3550 ELSA-2023-3550: python security update (IMPORTANT) | почти 2 года назад | ||
 | CVE-2022-0391 A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | CVE-2022-0391 A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. | CVSS3: 5.3 | 1% Низкий | около 4 лет назад |
 | CVE-2022-0391 A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад | |
| CVE-2022-0391 A flaw was found in Python, specifically within the urllib.parse modul ... | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
| CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| CVSS3: 7.5 | 1% Низкий | больше 2 лет назад | |
| CVE-2023-24329 An issue in the urllib.parse component of Python before 3.11.4 allows ... | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
| GHSA-75jm-2xrg-5wpf A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. | 1% Низкий | больше 3 лет назад | |
 | BDU:2022-02302 Уязвимость модуля urllib.parse интерпретатора языка программирования Python, позволяющая нарушителю внедрить произвольные данные в ответ сервера | CVSS3: 7.5 | 1% Низкий | больше 3 лет назад |
 | SUSE-SU-2023:2639-1 Security update for python | 1% Низкий | почти 2 года назад | |
| SUSE-SU-2023:0868-1 Security update for python3 | 1% Низкий | около 2 лет назад | |
| SUSE-SU-2023:0736-1 Security update for python3 | 1% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:0662-1 Security update for python36 | 1% Низкий | больше 2 лет назад | |
 | RLSA-2023:3595 Important: python3.9 security update | 1% Низкий | почти 2 года назад | |
| RLSA-2023:3594 Important: python3.11 security update | 1% Низкий | почти 2 года назад | |
| RLSA-2023:3591 Important: python3 security update | 1% Низкий | почти 2 года назад |
Уязвимостей на страницу