Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.ALMA_LINUX_ALSA-2022-1764.NASL
HistoryMay 12, 2022 - 12:00 a.m.

AlmaLinux 8 : python38:3.8 and python38-devel:3.8 (ALSA-2022:1764)

2022-05-1200:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
JSON

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1764 advisory.

  • There’s a flaw in urllib’s AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.
    (CVE-2021-3733)

  • A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. (CVE-2021-3737)

  • lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. (CVE-2021-43818)

  • A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like ‘\r’ and ’ ’ in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. (CVE-2022-0391)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# AlmaLinux Security Advisory ALSA-2022:1764.
##

include('compat.inc');

if (description)
{
  script_id(161112);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/27");

  script_cve_id(
    "CVE-2021-3733",
    "CVE-2021-3737",
    "CVE-2021-43818",
    "CVE-2022-0391"
  );
  script_xref(name:"ALSA", value:"2022:1764");
  script_xref(name:"IAVA", value:"2021-A-0497-S");

  script_name(english:"AlmaLinux 8 : python38:3.8 and python38-devel:3.8 (ALSA-2022:1764)");

  script_set_attribute(attribute:"synopsis", value:
"The remote AlmaLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
ALSA-2022:1764 advisory.

  - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP
    server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of
    Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the
    server to the client. The greatest threat that this flaw poses is to application availability.
    (CVE-2021-3733)

  - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may
    allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop,
    consuming CPU time. The highest threat from this vulnerability is to system availability. (CVE-2021-3737)

  - lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML
    Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG
    files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should
    upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. (CVE-2021-43818)

  - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform
    Resource Locator (URL) strings into components. The issue involves how the urlparse method does not
    sanitize input and allows characters like '\r' and '
' in the URL path. This flaw allows an attacker to
    input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1,
    3.9.5, 3.8.11, 3.7.11 and 3.6.14. (CVE-2022-0391)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://errata.almalinux.org/8/ALSA-2022-1764.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-43818");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-0391");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/09/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/05/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/05/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-Cython");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-PyMySQL");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-asn1crypto");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-babel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-cffi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-chardet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-cryptography");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-idle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-idna");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-jinja2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-lxml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-markupsafe");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-mod_wsgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-numpy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-numpy-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-numpy-f2py");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-pip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-pip-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-ply");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-psutil");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-psycopg2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-psycopg2-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-psycopg2-tests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-pycparser");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-pysocks");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-pytz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-pyyaml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-requests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-rpm-macros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-scipy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-setuptools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-setuptools-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-six");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-tkinter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-urllib3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:alma:linux:python38-wheel-wheel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:alma:linux:8");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Alma Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AlmaLinux/release", "Host/AlmaLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/AlmaLinux/release');
if (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');
var os_ver = pregmatch(pattern: "AlmaLinux release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');
var os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);

if (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);

var module_ver = get_kb_item('Host/AlmaLinux/appstream/python38');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python38:3.8');
if ('3.8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python38:' + module_ver);

var appstreams = {
    'python38:3.8': [
      {'reference':'python38-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-asn1crypto-1.2.0-3.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-babel-2.7.0-11.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-cffi-1.13.2-3.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-chardet-3.0.4-19.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-cryptography-2.8-3.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-Cython-0.29.14-4.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-debug-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-devel-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-idle-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-idna-2.8-6.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-jinja2-2.10.3-5.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-libs-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-lxml-4.4.1-7.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-markupsafe-1.1.1-6.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-mod_wsgi-4.6.8-3.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-numpy-1.17.3-6.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-numpy-doc-1.17.3-6.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-numpy-f2py-1.17.3-6.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-pip-19.3.1-5.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-pip-wheel-19.3.1-5.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-ply-3.11-10.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psutil-5.6.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psycopg2-2.8.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psycopg2-doc-2.8.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psycopg2-tests-2.8.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-pycparser-2.19-3.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-PyMySQL-0.10.1-1.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-pysocks-1.7.1-4.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-pytz-2019.3-3.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-pyyaml-5.4.1-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-requests-2.22.0-9.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-rpm-macros-3.8.12-1.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-scipy-1.3.1-4.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-setuptools-41.6.0-5.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-setuptools-wheel-41.6.0-5.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-six-1.12.0-10.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-test-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-tkinter-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-urllib3-1.25.7-5.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-wheel-0.33.6-6.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-wheel-wheel-0.33.6-6.module_el8.6.0+2778+cd494b30', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-cffi-1.13.2-3.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-cryptography-2.8-3.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-Cython-0.29.14-4.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-debug-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-devel-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-idle-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-libs-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-lxml-4.4.1-7.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-markupsafe-1.1.1-6.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-mod_wsgi-4.6.8-3.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-numpy-1.17.3-6.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-numpy-f2py-1.17.3-6.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psutil-5.6.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psycopg2-2.8.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psycopg2-doc-2.8.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-psycopg2-tests-2.8.4-4.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-pyyaml-5.4.1-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-scipy-1.3.1-4.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-test-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python38-tkinter-3.8.12-1.module_el8.6.0+2778+cd494b30', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
    ]
};

var flag = 0;
var appstreams_found = 0;
foreach module (keys(appstreams)) {
  var appstream = NULL;
  var appstream_name = NULL;
  var appstream_version = NULL;
  var appstream_split = split(module, sep:':', keep:FALSE);
  if (!empty_or_null(appstream_split)) {
    appstream_name = appstream_split[0];
    appstream_version = appstream_split[1];
    if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);
  }
  if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
    appstreams_found++;
    foreach package_array ( appstreams[module] ) {
      var reference = NULL;
      var release = NULL;
      var sp = NULL;
      var cpu = NULL;
      var el_string = NULL;
      var rpm_spec_vers_cmp = NULL;
      var epoch = NULL;
      var allowmaj = NULL;
      var exists_check = NULL;
      if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
      if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];
      if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
      if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
      if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
      if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
      if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
      if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
      if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
      if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {
        if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
      }
    }
  }
}

if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python38:3.8');

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python38 / python38-Cython / python38-PyMySQL / python38-asn1crypto / etc');
}
VendorProductVersionCPE
almalinuxpython38p-cpe:/a:alma:linux:python38
almalinuxpython38-cythonp-cpe:/a:alma:linux:python38-cython
almalinuxpython38-pymysqlp-cpe:/a:alma:linux:python38-pymysql
almalinuxpython38-asn1cryptop-cpe:/a:alma:linux:python38-asn1crypto
almalinuxpython38-babelp-cpe:/a:alma:linux:python38-babel
almalinuxpython38-cffip-cpe:/a:alma:linux:python38-cffi
almalinuxpython38-chardetp-cpe:/a:alma:linux:python38-chardet
almalinuxpython38-cryptographyp-cpe:/a:alma:linux:python38-cryptography
almalinuxpython38-debugp-cpe:/a:alma:linux:python38-debug
almalinuxpython38-develp-cpe:/a:alma:linux:python38-devel
Rows per page:
1-10 of 431

Related

nessus 75
oraclelinux 4
osv 17
redhat 5
rocky 4
almalinux 4
openvas 51
fedora 7
suse 4
ibm 3
debian 3
ubuntu 4
cloudfoundry 1
mageia 3
amazon 3
prion 1
alpinelinux 1
redos 1
cve 1
cbl_mariner 2
debiancve 1
ubuntucve 1
github 1
veracode 1
redhatcve 1
nessus
nessus
Oracle Linux 8 : python38:3.8 / and / python38-devel:3.8 (ELSA-2022-1764)
2022-05-18 00:00:00
Rocky Linux 8 : python38:3.8 and python38-devel:3.8 (RLSA-2022:1764)
2023-11-07 00:00:00
RHEL 8 : python38:3.8 and python38-devel:3.8 (RHSA-2022:1764)
2022-05-11 00:00:00
oraclelinux
oraclelinux
python38:3.8 and python38-devel:3.8 security update
2022-05-17 00:00:00
python27:2.7 security update
2022-05-17 00:00:00
python-lxml security update
2022-05-17 00:00:00
osv
osv
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-05-10 06:23:23
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-05-10 06:23:23
Moderate: python27:2.7 security update
2022-05-10 08:02:50
redhat
redhat
(RHSA-2022:1764) Moderate: python38:3.8 and python38-devel:3.8 security update
2022-05-10 06:23:23
(RHSA-2022:1821) Moderate: python27:2.7 security update
2022-05-10 08:02:50
(RHSA-2022:1663) Moderate: python27-python and python27-python-pip security update
2022-05-02 07:48:36
rocky
rocky
python38:3.8 and python38-devel:3.8 security update
2022-05-10 06:23:23
python27:2.7 security update
2022-05-10 08:02:50
python-lxml security update
2022-05-10 08:08:19
almalinux
almalinux
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-05-10 06:23:23
Moderate: python27:2.7 security update
2022-05-10 08:02:50
Moderate: python-lxml security update
2022-05-10 08:08:19
openvas
openvas
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2023-1284)
2023-01-31 00:00:00
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2021-2813)
2021-12-26 00:00:00
Fedora: Security Advisory for mingw-python3 (FEDORA-2021-eef0654c0b)
2021-10-02 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: python2.7-2.7.18-15.fc33
2021-09-29 01:10:06
[SECURITY] Fedora 34 Update: mingw-python3-3.9.4-3.fc34
2021-09-30 01:15:07
[SECURITY] Fedora 35 Update: python2.7-2.7.18-15.fc35
2021-09-24 20:59:13
suse
suse
Security update for python (moderate)
2021-10-20 00:00:00
Security update for python (moderate)
2021-10-31 00:00:00
Security update for python3 (moderate)
2021-12-16 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python
2022-06-29 02:19:10
Security Bulletin: IBM Security Guardium Insights is affected by multipe vulnerabilities
2022-02-04 21:33:23
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in lxml (CVE-2021-43818)
2023-01-12 21:59:00
debian
debian
[SECURITY] [DLA 2808-1] python3.5 security update
2021-11-05 09:21:55
[SECURITY] [DLA 2871-1] lxml security update
2021-12-30 17:05:59
[SECURITY] [DSA 5043-1] lxml security update
2022-01-12 21:59:18
ubuntu
ubuntu
Python vulnerabilities
2021-12-17 00:00:00
Python vulnerabilities
2021-09-16 00:00:00
Python vulnerabilities
2021-12-17 00:00:00
cloudfoundry
cloudfoundry
USN-5199-1: Python vulnerabilities | Cloud Foundry
2022-03-08 00:00:00
mageia
mageia
Updated python packages fix security vulnerability
2021-10-02 21:57:04
Updated python3 packages fix security vulnerability
2021-09-23 07:49:29
Updated python-lxml packages fix security vulnerability
2021-12-30 19:41:51
amazon
amazon
Medium: python27
2022-05-31 23:47:00
Medium: python
2022-05-31 23:50:00
Important: python-lxml
2023-02-17 00:12:00
prion
prion
Hardcoded credentials
2021-12-13 18:15:00
alpinelinux
alpinelinux
CVE-2021-43818
2021-12-13 18:15:00
redos
redos
ROS-20220125-14
2022-01-25 00:00:00
cve
cve
CVE-2021-43818
2021-12-13 18:15:00
cbl_mariner
cbl_mariner
CVE-2021-43818 affecting package python-lxml for versions less than 4.8.0-1
2022-04-26 19:57:36
CVE-2021-43818 affecting package python-lxml 4.6.3-1
2022-01-10 03:59:19
debiancve
debiancve
CVE-2021-43818
2021-12-13 18:15:00
ubuntucve
ubuntucve
CVE-2021-43818
2021-12-13 00:00:00
github
github
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
2021-12-13 18:14:36
veracode
veracode
Cross-site Scripting (XSS)
2021-12-14 02:31:11
redhatcve
redhatcve
CVE-2021-43818
2021-12-14 18:18:50
JSON
Related for ALMA_LINUX_ALSA-2022-1764.NASL
nessus75oraclelinux4osv17redhat5rocky4almalinux4openvas51fedora7suse4ibm3debian3ubuntu4cloudfoundry1mageia3amazon3prion1alpinelinux1redos1cve1cbl_mariner2debiancve1ubuntucve1github1veracode1redhatcve1