Ubuntu Security Notice 5200-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. Various other issues were also addressed.
729bc78597e4fd0f17e876cb9c891d709d4ad254691f0fa2f4c7241f79beb5f0Red Hat Security Advisory 2021-2021-01 - Red Hat OpenShift Serverless 1.10.2 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5. Issues addressed include a code execution vulnerability.
cea1cf00dcdae1e8f10b304383784974afe87eafeed9543bfd8952847505e233Ubuntu Security Notice 4754-3 - USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. In the case of Python 2.7 for 20.04 ESM, these additional fixes are included: It was discovered that Python allowed remote attackers to cause a denial of service via a ZIP bomb. It was discovered that Python had potentially misleading information about whether sorting occurs. This fix updates the documentation about it. Various other issues were also addressed.
6c0e7ce6beab30b21a9bdb915fb21f53cfb96f785e275b6012bfe9f6b58e015fRed Hat Security Advisory 2020-4641-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.
a3b9d3f381fe93a0458a4aaa821edd82cf184a7630b5e018598aeb2ff91c6a48Red Hat Security Advisory 2020-4433-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include cross site scripting and denial of service vulnerabilities.
1498a4aee277b3c9fde3c1831259e295f4b1e16184d83007dc61a6c62171971fRed Hat Security Advisory 2020-4285-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, cross site scripting, denial of service, and traversal vulnerabilities.
d7804d0647bbe8e101a6c74b08111f835bcece37011ce1e469a79de6d0b913b3Red Hat Security Advisory 2020-3888-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include cross site scripting and denial of service vulnerabilities.
4306dcd09dbbdd82343c606706403a7f0e33fdb768d6f24fdb7a8f76ba053785Gentoo Linux Security Advisory 202005-9 - A vulnerability in Python could lead to a Denial of Service condition. Versions less than 2.7.18:2.7 are affected.
2d7f5b8342ce35b98f6e8586a81331d05e7437a9e67b4693d40ce2f035b09707Ubuntu Security Notice 4333-2 - USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.
43f942bcd646f04ea7e6073a9f666205b0118e80e549e71707f5d3e9c90b46e3Ubuntu Security Notice 4333-1 - It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service.
1967c18bd3169d4327564565e9b7b0b2a4f936862d568280504cb0802ebca14f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed