OPENSUSE-SU-2019:2389-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 27 Oct 2019, 15:25
Last modified:04 Feb 2026, 03:13
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
27 Oct 2019, 15:25
Published
Vulnerability first disclosed
04 Feb 2026, 03:13
Last Modified
Vulnerability information updated
Description
Security update for python This update for python fixes the following issues: Security issues fixed: - CVE-2019-9947: Fixed an insufficient validation of URL paths with embedded whitespace or control characters that could allow HTTP header injections. (bsc#1130840) - CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955) - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238). This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•python&distro=openSUSE Leap 15.0
< 2.7.14-lp150.6.21.1
References (7)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2RIZHQXVDEAO3HIKQR7NL3UVMHX36FKF/#2RIZHQXVDEAO3HIKQR7NL3UVMHX36FKF
- https://bugzilla.suse.com/1130840
- https://bugzilla.suse.com/1149955
- https://bugzilla.suse.com/1153238
- https://www.suse.com/security/cve/CVE-2019-16056
- https://www.suse.com/security/cve/CVE-2019-16935
- https://www.suse.com/security/cve/CVE-2019-9947