Linux Distros Unpatched Vulnerability : CVE-2022-0391

🗓️ 05 Mar 2025 00:00:00Reported by TenableType
Linux/Unix host vulnerable due to unpatched flaw in Python's urllib.parse module affecting URLs.
Reporter	Title	Published	Views	Family All 255
IBM Security Bulletins	Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities (CVE-2022-0391)	1 Jun 202210:29	–	ibm
IBM Security Bulletins	Security Bulletin: Python (Publicly disclosed vulnerability) in IBM Tivoli Application Dependency Discovery Manager (CVE-2022-0391)	18 Nov 202212:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to urllib package in Python3 (CVE-2022-0391)	9 Aug 202205:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2022-34339, CVE-2021-3712, CVE-2021-3711, CVE-2021-4160, CVE-2021-29425, CVE-2021-3733, CVE-2021-3737, CVE-2022-0391, CVE-2021-43138, CVE-2022-24758)	26 Mar 202502:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	6 Jul 202318:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	16 Jun 202315:20	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Celery, Golang Go, and Python affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift	12 Mar 202203:21	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Verify Access Appliance includes components with known vulnerabilities (CVE-2022-29154, CVE-2022-0391)	3 Apr 202321:42	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Python affects IBM Elastic Storage System (CVE-2022-0391)	15 Dec 202209:21	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux kernel and Python can affect IBM Spectrum Protect Plus	19 Sep 202313:44	–	ibm
Source	Link
access	www.access.redhat.com/security/cve/cve-2022-0391
ubuntu	www.ubuntu.com/security/CVE-2022-0391
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(230020);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/28");

  script_cve_id("CVE-2022-0391");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2022-0391");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform
    Resource Locator (URL) strings into components. The issue involves how the urlparse method does not
    sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to
    input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1,
    3.9.5, 3.8.11, 3.7.11 and 3.6.14. (CVE-2022-0391)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2022-0391");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2022-0391");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0391");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/02/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:PyYAML");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mod_wsgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:numpy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-PyMySQL");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-cffi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-chardet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-cryptography");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-idna");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-lxml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-ply");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-psutil");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-psycopg2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-pycparser");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-pysocks");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-requests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-toml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-urllib3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python2-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python2-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python2-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python2-tkinter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python2-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-PyMySQL");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-cffi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-chardet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-cryptography");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-idle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-idna");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-lxml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-mod_wsgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-numpy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-numpy-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-numpy-f2py");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-pip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-pip-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-ply");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-psutil");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-psycopg2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-psycopg2-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-psycopg2-tests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-pycparser");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-pysocks");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-pyyaml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-requests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-rpm-macros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-scipy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-setuptools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-setuptools-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-six");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-tkinter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-toml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-urllib3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python39-wheel-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python3x-pip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python3x-setuptools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python3x-six");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:scipy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:PyYAML");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mod_wsgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:numpy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-PyMySQL");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-cffi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-chardet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-cryptography");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-idna");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-lxml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-ply");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-psutil");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-psycopg2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pycparser");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-pysocks");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-requests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-toml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-urllib3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-tkinter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-PyMySQL");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-cffi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-chardet");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-cryptography");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-idle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-idna");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-lxml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-mod_wsgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-numpy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-numpy-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-numpy-f2py");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-pip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-pip-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-ply");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-psutil");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-psycopg2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-psycopg2-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-psycopg2-tests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-pycparser");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-pysocks");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-pyyaml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-requests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-rpm-macros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-scipy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-setuptools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-setuptools-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-six");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-test");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-tkinter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-toml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-urllib3");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python39-wheel-wheel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3x-pip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3x-setuptools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3x-six");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:scipy");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
  script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/OS/CentOS Linux-8", "Host/OS/Red Hat Enterprise Linux-8", "Host/OS/Ubuntu Linux-20.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/CentOS/rpm-list")) && empty_or_null(get_one_kb_item("Host/Debian/dpkg-l")) && empty_or_null(get_one_kb_item("Host/RedHat/rpm-list"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "python3.9"}
        ]
      }
    ]
  },
  "CentOS Linux-8": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "8",
        "pkgs": [
          {"reference": "PyYAML"},
          {"reference": "mod_wsgi"},
          {"reference": "numpy"},
          {"reference": "python-PyMySQL"},
          {"reference": "python-cffi"},
          {"reference": "python-chardet"},
          {"reference": "python-cryptography"},
          {"reference": "python-idna"},
          {"reference": "python-lxml"},
          {"reference": "python-ply"},
          {"reference": "python-psutil"},
          {"reference": "python-psycopg2"},
          {"reference": "python-pycparser"},
          {"reference": "python-pysocks"},
          {"reference": "python-requests"},
          {"reference": "python-toml"},
          {"reference": "python-urllib3"},
          {"reference": "python-wheel"},
          {"reference": "python2"},
          {"reference": "python2-debug"},
          {"reference": "python2-devel"},
          {"reference": "python2-libs"},
          {"reference": "python2-test"},
          {"reference": "python2-tkinter"},
          {"reference": "python2-tools"},
          {"reference": "python39"},
          {"reference": "python39-PyMySQL"},
          {"reference": "python39-cffi"},
          {"reference": "python39-chardet"},
          {"reference": "python39-cryptography"},
          {"reference": "python39-devel"},
          {"reference": "python39-idle"},
          {"reference": "python39-idna"},
          {"reference": "python39-libs"},
          {"reference": "python39-lxml"},
          {"reference": "python39-mod_wsgi"},
          {"reference": "python39-numpy"},
          {"reference": "python39-numpy-doc"},
          {"reference": "python39-numpy-f2py"},
          {"reference": "python39-pip"},
          {"reference": "python39-pip-wheel"},
          {"reference": "python39-ply"},
          {"reference": "python39-psutil"},
          {"reference": "python39-psycopg2"},
          {"reference": "python39-psycopg2-doc"},
          {"reference": "python39-psycopg2-tests"},
          {"reference": "python39-pycparser"},
          {"reference": "python39-pysocks"},
          {"reference": "python39-pyyaml"},
          {"reference": "python39-requests"},
          {"reference": "python39-rpm-macros"},
          {"reference": "python39-scipy"},
          {"reference": "python39-setuptools"},
          {"reference": "python39-setuptools-wheel"},
          {"reference": "python39-six"},
          {"reference": "python39-test"},
          {"reference": "python39-tkinter"},
          {"reference": "python39-toml"},
          {"reference": "python39-urllib3"},
          {"reference": "python39-wheel"},
          {"reference": "python39-wheel-wheel"},
          {"reference": "python3x-pip"},
          {"reference": "python3x-setuptools"},
          {"reference": "python3x-six"},
          {"reference": "scipy"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-8": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "8",
        "pkgs": [
          {"reference": "PyYAML"},
          {"reference": "mod_wsgi"},
          {"reference": "numpy"},
          {"reference": "python-PyMySQL"},
          {"reference": "python-cffi"},
          {"reference": "python-chardet"},
          {"reference": "python-cryptography"},
          {"reference": "python-idna"},
          {"reference": "python-lxml"},
          {"reference": "python-ply"},
          {"reference": "python-psutil"},
          {"reference": "python-psycopg2"},
          {"reference": "python-pycparser"},
          {"reference": "python-pysocks"},
          {"reference": "python-requests"},
          {"reference": "python-toml"},
          {"reference": "python-urllib3"},
          {"reference": "python-wheel"},
          {"reference": "python2"},
          {"reference": "python2-debug"},
          {"reference": "python2-devel"},
          {"reference": "python2-libs"},
          {"reference": "python2-test"},
          {"reference": "python2-tkinter"},
          {"reference": "python2-tools"},
          {"reference": "python39"},
          {"reference": "python39-PyMySQL"},
          {"reference": "python39-cffi"},
          {"reference": "python39-chardet"},
          {"reference": "python39-cryptography"},
          {"reference": "python39-devel"},
          {"reference": "python39-idle"},
          {"reference": "python39-idna"},
          {"reference": "python39-libs"},
          {"reference": "python39-lxml"},
          {"reference": "python39-mod_wsgi"},
          {"reference": "python39-numpy"},
          {"reference": "python39-numpy-doc"},
          {"reference": "python39-numpy-f2py"},
          {"reference": "python39-pip"},
          {"reference": "python39-pip-wheel"},
          {"reference": "python39-ply"},
          {"reference": "python39-psutil"},
          {"reference": "python39-psycopg2"},
          {"reference": "python39-psycopg2-doc"},
          {"reference": "python39-psycopg2-tests"},
          {"reference": "python39-pycparser"},
          {"reference": "python39-pysocks"},
          {"reference": "python39-pyyaml"},
          {"reference": "python39-requests"},
          {"reference": "python39-rpm-macros"},
          {"reference": "python39-scipy"},
          {"reference": "python39-setuptools"},
          {"reference": "python39-setuptools-wheel"},
          {"reference": "python39-six"},
          {"reference": "python39-test"},
          {"reference": "python39-tkinter"},
          {"reference": "python39-toml"},
          {"reference": "python39-urllib3"},
          {"reference": "python39-wheel"},
          {"reference": "python39-wheel-wheel"},
          {"reference": "python3x-pip"},
          {"reference": "python3x-setuptools"},
          {"reference": "python3x-six"},
          {"reference": "scipy"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}
28 Oct 2025 00:00Current
6.9Medium risk
Vulners AI Score6.9
CVSS 25
CVSS 3.17.5
EPSS0.01214
SSVC
linux unix vulnerability python flaw urlparse injection attack