Several security issues were fixed in Python ...
Several security issues were fixed in Python ...
Synopsis
Moderate: python27:27 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for the python27:27 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Sco ...
Synopsis
Moderate: python security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for python is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: python security update
Type/Severity
Security Advisory: Moderate
Topic
An update for python is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syst ...
Synopsis
Moderate: rh-python36-python security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for rh-python36-python is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Moderate A Common ...
Synopsis
Moderate: python security update
Type/Severity
Security Advisory: Moderate
Topic
An update for python is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syst ...
Synopsis
Moderate: python3 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for python3 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Moderate: python security update
Type/Severity
Security Advisory: Moderate
Topic
An update for python is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterprise Linux 74 Update Services for SAP Solut ...
Synopsis
Important: python27-python and python27-python-jinja2 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for python27-python and python27-python-jinja2 is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a se ...
An issue was discovered in urllib2 in Python 2x and urllib in Python 3x CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllibrequesturlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command This is simila ...
Impact:
Moderate
Public Date:
2019-03-13
CWE:
CWE-113
Bugzilla:
1688169:
CVE-2019-9740 python-urllib3: ...
A security regression of CVE-2019-9636 was discovered in python, since commit d537ab0ff9767ef024f26246899728f0116b1ec3, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it ...
An issue was discovered in urllib2 in Python 2x and urllib in Python 3x CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllibrequesturlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command (CVE-2019-9740, CVE-2019-9947) ...
Python is affected by improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization The impact is: Information disclosure (credentials, cookies, etc that are cached against a given hostname) The components are: urllibparseurlsplit, urllibparseurlparse The attack vector is: A specially crafted URL could be incorr ...
Python 27x through 2716 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization The impact is: Information disclosure (credentials, cookies, etc that are cached against a given hostname) The components are: urllibparseurlsplit, urllibparseurlparse The attack vector is: A specially craf ...
An issue was discovered in urllib2 in Python 2x and urllib in Python 3x CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllibrequesturlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command (CVE-2019-9740, CVE-2019-9947) ...