Red Hat Security Advisory 2023-6885-01 - An update for python is now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
73907e36e7bfd30d9c846ffc48be5d485f187642ae721c967bb4557a04f44a41Red Hat Security Advisory 2023-6793-01 - An update for rh-python38-python is now available for Red Hat Software Collections. Issues addressed include bypass, denial of service, and traversal vulnerabilities.
f0f08cb3f3c4209c1d7481c125ba32ca7c6e8c583f668e920f22fa6acdeb8b3bRed Hat Security Advisory 2023-6712-01 - An update for python-wheel is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
6f09d58e67c37a819156dc4d2138a76a7b961164caa0ae2b6e262dcaa2d2c14dRed Hat Security Advisory 2023-6694-01 - An update for python-pip is now available for Red Hat Enterprise Linux 9. Issues addressed include a traversal vulnerability.
304f36b2ae0d72cd1e434b7f8b3c90b47ff802cad909c070b8dc41b64b7b2b16Red Hat Security Advisory 2023-6615-01 - An update for python-cryptography is now available for Red Hat Enterprise Linux 9.
b838e09d860a9b353ad251a959176b6ab69b1300a1af329169931845236c1d27Red Hat Security Advisory 2023-6523-01 - An update for python-tornado is now available for Red Hat Enterprise Linux 9. Issues addressed include an open redirection vulnerability.
8609d5bfa92c8cd4ec4be435b40ea0824c2c07a35ab341a51cc56163dc8ea88aRed Hat Security Advisory 2023-6290-01 - An update for python is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addressed include a bypass vulnerability.
cd2a326770e59111ee1a401f38207606c73e2d9e7b29ea7eb7e4ff7dcfcbc0b7Red Hat Security Advisory 2023-5969-01 - An update for collectd-libpod-stats, etcd, and python-octavia-tests-tempest is now available for Red Hat OpenStack Platform 17.1.1. Issues addressed include a denial of service vulnerability.
2a6846f7c835b7440e8384fb112271bd4be75879f8d6c3d8c2c64d6e912f0916Red Hat Security Advisory 2023-5790-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
2aba26472dc75efcb7e9b94efe64b337a5c0342b54d7355cae925209cd0b60d9Red Hat Security Advisory 2023-5789-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
753246f6be0009ce22f52d57d564e61fc96345dcf8fcb6a7b7cdccb99a41cb25Red Hat Security Advisory 2023-5788-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
cab516b2d9db442bef3789039f046f415ddabae334ee753525328ba8808f7ea3Red Hat Security Advisory 2023-5787-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
150cb2d97aa150d7600c698aa16d2861291855ee5cd3481d426131773eac6284Red Hat Security Advisory 2023-5786-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
0d5f0aa99be04ced55b2baea204c358506a55b7b9428fa5fba74940fa51837c8Ubuntu Security Notice 6394-2 - USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
d38a75206389008d3e1ad14a50564e60d915ccb7b901100a133baef1458072feApache Superset versions 2.0.0 and below utilize Flask with a known default secret key which is used to sign HTTP cookies. These cookies can therefore be forged. If a user is able to login to the site, they can decode the cookie, set their user_id to that of an administrator, and re-sign the cookie. This valid cookie can then be used to login as the targeted user. From there the Superset database is mounted, and credentials are pulled. A dashboard is then created. Lastly a pickled python payload can be set for that dashboard within Superset's database which will trigger the remote code execution. An attempt to clean up ALL of the dashboard key values and reset them to their previous values happens during the cleanup phase.
0cf3211c0a88b94f22c56bd68535a69b15419a4e9c97ce50b1d180e75e44b6beRed Hat Security Advisory 2023-5616-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
2dd35d1d563fa4f4686f2465d398d4434e278f814a90ce88a33008b776002409Red Hat Security Advisory 2023-5528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a7809e9736bc296be97737d0134acf6fa48d78add499ff1793c34d58165a458aRed Hat Security Advisory 2023-5531-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a3ac08590b81392419d53e56814ac2bc5993d0b96b4d0fc7fbc90e5d72562f06Red Hat Security Advisory 2023-5472-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
9c1907fc55798106e0bd3a59d0c393769c3b9106a4a9363b9744bc3077648583Red Hat Security Advisory 2023-5456-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
f09181b9b7be43158cca59a700da7461f491ae25644238faaf8b1279d3ca31f1Red Hat Security Advisory 2023-5462-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
313f06d9ee1fe6f102aed74238c4b3de0da9f76aea3b0cec8d71f5838548559bRed Hat Security Advisory 2023-5463-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
952e2fc910e9d17614ddee9613f6122dd79884b41702c86e0566f6059e098cc8Ubuntu Security Notice 6400-1 - It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information.
78f05f302971fdd61c41b154c5089eddceaa4838a9b6ffba2b409c27fe5f9ad4Ubuntu Security Notice 6394-1 - It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
5e2657b51ce71bc1d6b8b0ec757dad995dd0b33e1ab6d102daa7f5cf3f0ac2b4Packers and Movers Management System version 1.0 suffers from a remote blind SQL injection vulnerability. Proof of concept exploit written in python included.
392e218592b7d81bc0c0a1e2e699e9fe38ca587052d6e6393e97b66c59ab44ea
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed