Medium: python3.11

🗓️ 06 Mar 2025 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 1 Views

Vulnerabilities in Python 3.11 affect virtual environments and URL parsing; updates available.

Reporter	Title	Published	Views	Family All 800
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Rapid Infrastructure Automation	28 May 202514:39	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to regular expression DoS and command injection due to the python package (CVE-2024-6232, CVE-2024-9287)	23 Jul 202516:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Iot Component uses axios 1.7.9 and Python-3.8.17 which is vulnerable to CVE-2023-40217, CVE-2024-6232, CVE-2022-40897, CVE-2024-6345, CVE-2023-5752 and CVE-2025-27152	25 Jun 202508:00	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	25 Jun 202513:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues	28 Aug 202521:17	–	ibm
IBM Security Bulletins	Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to several issues due to the Python package (CVE-2024-6232, CVE-2024-7592, CVE-2024-7592)	23 Jul 202513:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	6 Jun 202510:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues	28 Aug 202521:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Iot Component uses axios 1.7.9 and Python-3.8.17 which is vulnerable to CVE-2023-40217, CVE-2024-6232, CVE-2022-40897, CVE-2024-6345, CVE-2023-5752 and CVE-2025-27152	25 Jun 202507:57	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	aarch64	python3.11-tkinter	3.11.11-5.amzn2023.0.1	python3.11-tkinter-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11-devel	3.11.11-5.amzn2023.0.1	python3.11-devel-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11	3.11.11-5.amzn2023.0.1	python3.11-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11-idle	3.11.11-5.amzn2023.0.1	python3.11-idle-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11-debugsource	3.11.11-5.amzn2023.0.1	python3.11-debugsource-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11-debug	3.11.11-5.amzn2023.0.1	python3.11-debug-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11-debuginfo	3.11.11-5.amzn2023.0.1	python3.11-debuginfo-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11-libs	3.11.11-5.amzn2023.0.1	python3.11-libs-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	aarch64	python3.11-test	3.11.11-5.amzn2023.0.1	python3.11-test-3.11.11-5.amzn2023.0.1.aarch64.rpm
Amazon Linux	2	x86_64	python3.11	3.11.11-5.amzn2023.0.1	python3.11-3.11.11-5.amzn2023.0.1.x86_64.rpm

21 Mar 2025 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS 3.17.8

CVSS 46.3

EPSS0.01639

SSVC

python vulnerabilities virtual environment injection url parsing issues update instructions