rpm package
opensuse/python-h11&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/python-h11&distro=openSUSE%20Leap%2015.6
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-21226 | — | < 0.14.0-150400.9.8.1 | 0.14.0-150400.9.8.1 | Jan 13, 2026 | Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network. | ||
| CVE-2025-43859 | Cri | 9.1 | < 0.14.0-150400.9.6.1 | 0.14.0-150400.9.6.1 | Apr 24, 2025 | h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since explo | |
| CVE-2025-24049 | — | < 0.14.0-150400.9.8.1 | 0.14.0-150400.9.8.1 | Mar 11, 2025 | Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2024-35255 | — | < 0.14.0-150400.9.8.1 | 0.14.0-150400.9.8.1 | Jun 11, 2024 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability |
- CVE-2026-21226Jan 13, 2026affected < 0.14.0-150400.9.8.1fixed 0.14.0-150400.9.8.1
Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.
- affected < 0.14.0-150400.9.6.1fixed 0.14.0-150400.9.6.1
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since explo
- CVE-2025-24049Mar 11, 2025affected < 0.14.0-150400.9.8.1fixed 0.14.0-150400.9.8.1
Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally.
- CVE-2024-35255Jun 11, 2024affected < 0.14.0-150400.9.8.1fixed 0.14.0-150400.9.8.1
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability