Ubuntu Security Notice 5200-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. Various other issues were also addressed.
729bc78597e4fd0f17e876cb9c891d709d4ad254691f0fa2f4c7241f79beb5f0
Red Hat Security Advisory 2021-2021-01 - Red Hat OpenShift Serverless 1.10.2 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5. Issues addressed include a code execution vulnerability.
cea1cf00dcdae1e8f10b304383784974afe87eafeed9543bfd8952847505e233
Ubuntu Security Notice 4754-3 - USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. In the case of Python 2.7 for 20.04 ESM, these additional fixes are included: It was discovered that Python allowed remote attackers to cause a denial of service via a ZIP bomb. It was discovered that Python had potentially misleading information about whether sorting occurs. This fix updates the documentation about it. Various other issues were also addressed.
6c0e7ce6beab30b21a9bdb915fb21f53cfb96f785e275b6012bfe9f6b58e015f
Red Hat Security Advisory 2020-4641-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.
a3b9d3f381fe93a0458a4aaa821edd82cf184a7630b5e018598aeb2ff91c6a48
Red Hat Security Advisory 2020-4433-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include cross site scripting and denial of service vulnerabilities.
1498a4aee277b3c9fde3c1831259e295f4b1e16184d83007dc61a6c62171971f
Red Hat Security Advisory 2020-4285-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, cross site scripting, denial of service, and traversal vulnerabilities.
d7804d0647bbe8e101a6c74b08111f835bcece37011ce1e469a79de6d0b913b3
Red Hat Security Advisory 2020-3888-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include cross site scripting and denial of service vulnerabilities.
4306dcd09dbbdd82343c606706403a7f0e33fdb768d6f24fdb7a8f76ba053785
Gentoo Linux Security Advisory 202005-9 - A vulnerability in Python could lead to a Denial of Service condition. Versions less than 2.7.18:2.7 are affected.
2d7f5b8342ce35b98f6e8586a81331d05e7437a9e67b4693d40ce2f035b09707
Ubuntu Security Notice 4333-2 - USN-4333-1 fixed vulnerabilities in Python. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.
43f942bcd646f04ea7e6073a9f666205b0118e80e549e71707f5d3e9c90b46e3
Ubuntu Security Notice 4333-1 - It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service.
1967c18bd3169d4327564565e9b7b0b2a4f936862d568280504cb0802ebca14f