Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:13614125623111120245759HistoryAug 28, 2024 - 12:00 a.m.
Debian: Security Advisory (DSA-5759-1)
2024-08-2800:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
2
debian
python3.11
package
cve-2024-0397
cve-2024-4032
cve-2024-8088
update
installation
vendor fix
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS4
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N/S:N/AU:N/R:U/RE:L
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
17.8%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.1.1.2024.5759");
script_cve_id("CVE-2024-0397", "CVE-2024-4032", "CVE-2024-8088");
script_tag(name:"creation_date", value:"2024-08-28 04:23:46 +0000 (Wed, 28 Aug 2024)");
script_version("2024-08-28T05:05:33+0000");
script_tag(name:"last_modification", value:"2024-08-28 05:05:33 +0000 (Wed, 28 Aug 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_name("Debian: Security Advisory (DSA-5759-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB12");
script_xref(name:"Advisory-ID", value:"DSA-5759-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2024/DSA-5759-1");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'python3.11' package(s) announced via the DSA-5759-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"affected", value:"'python3.11' package(s) on Debian 12.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB12") {
if(!isnull(res = isdpkgvuln(pkg:"idle-python3.11", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libpython3.11", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libpython3.11-dbg", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libpython3.11-dev", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libpython3.11-minimal", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libpython3.11-stdlib", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libpython3.11-testsuite", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-dbg", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-dev", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-doc", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-examples", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-full", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-minimal", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-nopie", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"python3.11-venv", ver:"3.11.2-6+deb12u3", rls:"DEB12"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
osv
osv
python3.11 - security update
2024-08-27 00:00:00
Security update for python39
2024-07-01 12:04:26
python3.10, python3.8 vulnerabilities
2024-07-30 13:20:37
nessus
nessus
Debian dsa-5759 : idle-python3.11 - security update
2024-08-27 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Python vulnerabilities (USN-6928-1)
2024-07-30 00:00:00
SUSE SLES12 Security Update : python39 (SUSE-SU-2024:2274-1)
2024-07-03 00:00:00
openvas
openvas
openSUSE: Security Advisory for python39 (SUSE-SU-2024:2280-1)
2024-07-10 00:00:00
Ubuntu: Security Advisory (USN-6928-1)
2024-07-31 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2274-1)
2024-07-03 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2024-07-30 00:00:00
Python vulnerability
2024-08-01 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: mingw-python3-3.11.9-2.fc39
2024-09-06 03:53:31
[SECURITY] Fedora 40 Update: mingw-python3-3.11.9-2.fc40
2024-09-06 04:04:03
[SECURITY] Fedora 40 Update: python3.11-3.11.9-6.fc40
2024-08-31 02:04:16
aix
aix
ibm
ibm
almalinux
almalinux
Moderate: python39:3.9 and python39-devel:3.9 security update
2024-08-28 00:00:00
Low: python3 security update
2024-07-23 00:00:00
Low: python3 security update
2024-07-23 00:00:00
redhat
redhat
(RHSA-2024:6030) Low: python3 security update
2024-08-29 11:16:43
(RHSA-2024:4779) Low: python3 security update
2024-07-23 15:13:23
oraclelinux
oraclelinux
python39:3.9 and python39-devel:3.9 security update
2024-08-29 00:00:00
python3 security update
2024-07-23 00:00:00
python3 security update
2024-07-23 00:00:00
cvelist
cvelist
CVE-2024-8088 Infinite loop when iterating over zip archive entry names from zipfile.Path
2024-08-22 18:45:31
CVE-2024-4032 Incorrect IPv4 and IPv6 private ranges
2024-06-17 15:05:58
debiancve
debiancve
redos
redos
ROS-20240904-07
2024-09-04 00:00:00
ROS-20240917-08
2024-09-17 00:00:00
ROS-20240820-02
2024-08-20 00:00:00
redhatcve
redhatcve
nvd
nvd
vulnrichment
vulnrichment
CVE-2024-8088 Infinite loop when iterating over zip archive entry names from zipfile.Path
2024-08-22 18:45:31
CVE-2024-4032 Incorrect IPv4 and IPv6 private ranges
2024-06-17 15:05:58
ubuntucve
ubuntucve
alpinelinux
alpinelinux
CVE-2024-4032
2024-06-17 15:15:52
CVE-2024-8088
2024-08-22 19:15:09
cve
cve
wolfi
wolfi
CVE-2024-8088 vulnerabilities
2024-09-19 21:18:36
CVE-2024-4032 vulnerabilities
2024-09-19 21:18:36
cbl_mariner
cbl_mariner
CVE-2024-0397 affecting package python3 for versions less than 3.9.19-3
2024-08-05 03:22:58
CVE-2024-0397 affecting package python3 for versions less than 3.12.3-1
2024-08-25 15:13:42
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0334
2024-07-26 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS4
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N/S:N/AU:N/R:U/RE:L
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
17.8%
Related for OPENVAS:13614125623111120245759