python38:3.8 and python38-devel:3.8 security update

2021-11-09T12:47:54

Description

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, mod_wsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe, python-pluggy, python-py, Cython, python-psutil, python-wcwidth, babel, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python3x-setuptools, python-cffi, pytz, python-cryptography, scipy, python-idna, numpy, python-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-psutil: Double free because of refcount mishandling (CVE-2019-18874) * python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493) * python: Information disclosure via pydoc (CVE-2021-3426) * python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771) * python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.

Affected Package

OS	OS Version	Package Name	Package Version
rocky	8.0	rocky linux	Rocky Linux -Rocky Linux

{"id": "RLSA-2021:4162", "vendorId": null, "type": "rocky", "bulletinFamily": "unix", "title": "python38:3.8 and python38-devel:3.8 security update", "description": "An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-urllib3, PyYAML, python-attrs, python-jinja2, python-requests, python-atomicwrites, mod_wsgi, python3x-pip, python38, python-asn1crypto, python-chardet, python-markupsafe, python-pluggy, python-py, Cython, python-psutil, python-wcwidth, babel, python-ply, python-wheel, python3x-pyparsing, python-pysocks, python-pycparser, python3x-setuptools, python-cffi, pytz, python-cryptography, scipy, python-idna, numpy, python-packaging.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python-psutil: Double free because of refcount mishandling (CVE-2019-18874)\n\n* python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n* python: Information disclosure via pydoc (CVE-2021-3426)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n* python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n* python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n* python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.", "published": "2021-11-09T12:47:54", "modified": "2021-11-09T12:47:54", "epss": [{"cve": "CVE-2019-18874", "epss": 0.00191, "percentile": 0.55339, "modified": "2023-06-13"}, {"cve": "CVE-2020-27619", "epss": 0.00639, "percentile": 0.76212, "modified": "2023-06-06"}, {"cve": "CVE-2020-28493", "epss": 0.00151, "percentile": 0.50096, "modified": "2023-06-06"}, {"cve": "CVE-2021-23336", "epss": 0.00144, "percentile": 0.49855, "modified": "2023-09-23"}, {"cve": "CVE-2021-28957", "epss": 0.00241, "percentile": 0.60668, "modified": "2023-05-27"}, {"cve": "CVE-2021-29921", "epss": 0.00609, "percentile": 0.75541, "modified": "2023-05-27"}, {"cve": "CVE-2021-33503", "epss": 0.00221, "percentile": 0.59591, "modified": "2023-09-01"}, {"cve": "CVE-2021-3426", "epss": 0.00061, "percentile": 0.24126, "modified": "2023-05-23"}, {"cve": "CVE-2021-3572", "epss": 0.00057, "percentile": 0.21809, "modified": "2023-05-23"}, {"cve": "CVE-2021-42771", "epss": 0.00064, "percentile": 0.2637, "modified": "2023-05-23"}], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://errata.rockylinux.org/RLSA-2021:4162", "reporter": "Rockylinux Product Errata", "references": [], "cvelist": ["CVE-2019-18874", "CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-42771"], "immutableFields": [], "lastseen": "2023-09-24T06:40:16", "viewCount": 6, "enchantments": {"score": {"value": 8.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2021:1633", "ALSA-2021:4151", "ALSA-2021:4158", "ALSA-2021:4160", "ALSA-2021:4161", "ALSA-2021:4162", "ALSA-2021:4201", "ALSA-2021:4324", "ALSA-2021:4399", "ALSA-2021:4455"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-18874", "ALPINE:CVE-2020-28493", "ALPINE:CVE-2021-23336", "ALPINE:CVE-2021-28957", "ALPINE:CVE-2021-29921", "ALPINE:CVE-2021-3426", "ALPINE:CVE-2021-42771"]}, {"type": "altlinux", "idList": ["69FCC7D3741E27576F8891899E5C3887", "AB97101874CBDB952FB76B7D7A40C454", "DFBA4EF54C79890FFE224A6EF14372C8"]}, {"type": "amazon", "idList": ["ALAS-2021-1498", "ALAS-2021-1500", "ALAS-2021-1504", "ALAS-2022-1593", "ALAS-2023-1720", "ALAS2-2021-1640", "ALAS2-2021-1670", "ALAS2-2021-1688", "ALAS2-2022-1742", "ALAS2-2022-1802", "ALAS2-2023-2010"]}, {"type": "archlinux", "idList": ["ASA-202102-19", "ASA-202102-20", "ASA-202102-28", "ASA-202102-37", "ASA-202103-27", "ASA-202105-15", "ASA-202106-25"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:1F5D3929DF559E968A272106B5A4B189", "CFOUNDRY:21B35C0D976E5B0E31872BF9E79110BB", "CFOUNDRY:89587F3ED65C323B89E14DDACE9BA27F", "CFOUNDRY:D1800B931E71999DC3B721FFDBB42636"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1632401716", "CLSA-2021:1633442879"]}, {"type": "cve", "idList": ["CVE-2019-18874", "CVE-2020-27619", "CVE-2020-28476", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28359", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-42771"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1998-1:72403", "DEBIAN:DLA-1998-1:AFAA4", "DEBIAN:DLA-2569-1:11737", "DEBIAN:DLA-2569-1:E3354", "DEBIAN:DLA-2606-1:A3B32", "DEBIAN:DLA-2619-1:8192B", "DEBIAN:DLA-2628-1:6F808", "DEBIAN:DLA-2790-1:6682F", "DEBIAN:DLA-3164-1:A25EA", "DEBIAN:DSA-4880-1:0276D", "DEBIAN:DSA-4880-1:E9B9D", "DEBIAN:DSA-5018-1:CB693"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-18874", "DEBIANCVE:CVE-2020-27619", "DEBIANCVE:CVE-2020-28493", "DEBIANCVE:CVE-2021-23336", "DEBIANCVE:CVE-2021-28957", "DEBIANCVE:CVE-2021-29921", "DEBIANCVE:CVE-2021-33503", "DEBIANCVE:CVE-2021-3426", "DEBIANCVE:CVE-2021-3572", "DEBIANCVE:CVE-2021-42771"]}, {"type": "f5", "idList": ["F5:K23456112", "F5:K46604804"]}, {"type": "fedora", "idList": ["FEDORA:0984A3096E68", "FEDORA:180E930E766E", "FEDORA:19CF8305D42F", "FEDORA:279EF30AD439", "FEDORA:27A3A30520EC", "FEDORA:3245830C47E2", "FEDORA:344EE312AD63", "FEDORA:36BF9305D418", "FEDORA:3B93230A9BAA", "FEDORA:3CA1930493B5", "FEDORA:4BEAF309D338", "FEDORA:57F5D30A5969", "FEDORA:59A883072F03", "FEDORA:655EB6042F10", "FEDORA:6ED3730946F6", "FEDORA:71D65309D32B", "FEDORA:764EE30C99A3", "FEDORA:771E031BBAB0", "FEDORA:79CAE30A5759", "FEDORA:83CB5312AD6E", "FEDORA:8657A309BA6B", "FEDORA:8CA7130A6890", "FEDORA:8E873309A61B", "FEDORA:9408B30E7B01", "FEDORA:A8BE83094DF0", "FEDORA:AAF643072F13", "FEDORA:AC1C6304E3A3", "FEDORA:B0DC3307F42B", "FEDORA:B42DC304E39B", "FEDORA:C0A2E30B00AE", "FEDORA:C1819309C5A0", "FEDORA:CA2F130B268C", "FEDORA:CFC09309E7A4", "FEDORA:D1ECA309D9B4", "FEDORA:D47CC30C448C", "FEDORA:DF3DB6123848", "FEDORA:E08683076E52", "FEDORA:E9B1430CC2C0"]}, {"type": "fortinet", "idList": ["FG-IR-22-008"]}, {"type": "freebsd", "idList": ["374793AD-2720-4C4A-B86C-FC4A1780DEAC", "F671C282-95EF-11EB-9C34-080027F515EA"]}, {"type": "gentoo", "idList": ["GLSA-202104-04", "GLSA-202107-19", "GLSA-202107-36", "GLSA-202208-03", "GLSA-202208-06", "GLSA-202305-02"]}, {"type": "github", "idList": ["GHSA-3XXV-P78R-4FC6", "GHSA-5XP3-JFQ3-5Q8X", "GHSA-G3RQ-G295-4J3M", "GHSA-H4M5-QPFP-3MPV", "GHSA-JQ4V-F5Q6-MJQQ", "GHSA-Q2Q7-5PP4-W6PG", "GHSA-QFC5-MCWQ-26Q8"]}, {"type": "githubexploit", "idList": ["0B1484CA-22A0-50C8-9FDE-1E07AD2BBF96", "1713E8B5-FB61-5B95-8337-AC6691ECF711"]}, {"type": "gitlab", "idList": ["GITLAB-2B9F06DA84CB3AA272E072E600CA944E"]}, {"type": "ibm", "idList": ["0B06DFE07E3434F430295CC71DF2D2D5405FDA3C1FC806C0F8B49507D84FD167", "169242E6888352607848258E8D12AEA0F5C908A1E0757CD20B9751B8AE121BAC", "182ABCECEC608BADE96BCE85E39885F9C426570CF16077D455A1277D9CC3649A", "1A8A5E6AC75FF4A1A546DD1431D4E3A224B13E96434DBC2C5C874D7E73D90553", "1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "1E239D8C4813C8FA705CBB86F01F323B29B73D1086FDF65021C9CB4B0146A272", "28E1A34D8B7AACAE238760E03EC7DC2D0E6A35DCA936AE45B1D6CE580679D06C", "29F555FE0C007641F374A2C889492591D81568655082EAB6C7D0BA3A429C7001", "2CBBC01EA20F67490CBAC1FBC54F752062CF74FF574C30707039FE42DBFD1C37", "2DB6C9FAA0CAC51EA8DC954A05A9A936B56C232A5503AE86749F4C0A4A99EA89", "2E7AE1B4FCF61DA7074EF9FEB76AB3CBCB5D9C697787A4E20F66CC75980CBD5A", "32A552C9D601D5556D9E77A4710C33359E9E59554828DF5DF32E88FA7D8B12FD", "3CF3C789E67BC4BED4E00BAB92CFDEBBACDE7238E903B67252519FD7D01B4413", "4C8CA1383C163507ED1B7874FEE70E6DCE4EDA7CBB08F7BF310F30881A0E0070", "50F054E398D9C2FEC6804DE8873031657002656851BE150871B2800BAA7C2644", "532726FECC3B1D24D191D2502D19E229E8A42F481E2D82243939EB0E63D6C934", "56D5C4D9B33C1F45EC0E3A48B1E1AB84BC4291F8AFD78D9A30A0AC38C27FE216", "5CDB62939BDB1AEB58D3A45D9E041527DD99AB90D539C49AF6D6B260D17BDD64", "5EA911A52931619D9DAB8C1664C2291A4B990D6687B3AD2CCCDF6E3868563D11", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "65575758CE6E879BDCFD17ADB708B2448CDF9C00E078AEFB1967358BF519C078", "667BEE630453498F367E4B78B619E069428C704CC5FA121FA9F4650D4F967603", "700973DB1C0B5FBE751BA9F1B6AF32C7F25F98D790B93A9C9D2DE61EB734BD58", "71B2E5A93BAD65EDC8828AD648152A6133B0A6F1A9CD3EC0D973BAFD3EE16900", "7FAB240CA346743774B3038B1CF28BBF2974EBCA7D39061F9FE7518890E9860D", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "BDFA432EA62E6EFDD1DA5F84B4EE926C27FCF1125443F9D0EC5005B0FEE74C89", "C596338966F1610A28DC01FBB21502CC71651B70DBC8B96D9603EBE432E4D5E6", "C9A62458FFCDA7D13068BA51A14F3364875030AD9E3379B54C1EB8EAA4DD8D49", "D5EE91437C61DB828864546A9877E1F863FE9DDA2D0B0BA7C35A8B9BDD774A7D", "E1C5E861A6D158C86885CB6838A7B1FCA55ABEA2FBC0185590EDB82BF0D81FA8", "EF38988A8ADFAFD600C0AFEBC1A1C334BFCA6536F9015788D929A5A8036B9536", "FFEEC184B6E70C6210AE293D53A3A1B1504EA119812486B8160ACE05A643D9DD"]}, {"type": "mageia", "idList": ["MGASA-2019-0370", "MGASA-2020-0477", "MGASA-2021-0135", "MGASA-2021-0165", "MGASA-2021-0178", "MGASA-2021-0193", "MGASA-2021-0246", "MGASA-2021-0267", "MGASA-2021-0327", "MGASA-2021-0371", "MGASA-2021-0377", "MGASA-2021-0386"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1640.NASL", "AL2_ALAS-2021-1670.NASL", "AL2_ALAS-2021-1688.NASL", "AL2_ALAS-2022-1802.NASL", "AL2_ALAS-2023-2010.NASL", "ALA_ALAS-2021-1498.NASL", "ALA_ALAS-2021-1500.NASL", "ALA_ALAS-2021-1504.NASL", "ALA_ALAS-2022-1593.NASL", "ALA_ALAS-2023-1720.NASL", "ALMA_LINUX_ALSA-2021-1633.NASL", "ALMA_LINUX_ALSA-2021-4158.NASL", "ALMA_LINUX_ALSA-2021-4161.NASL", "ALMA_LINUX_ALSA-2021-4201.NASL", "ALMA_LINUX_ALSA-2021-4324.NASL", "ALMA_LINUX_ALSA-2021-4399.NASL", "ALMA_LINUX_ALSA-2021-4455.NASL", "ARUBA_CLEARPASS_POLMAN_6_10_4.NASL", "CENTOS8_RHSA-2021-1633.NASL", "CENTOS8_RHSA-2021-4151.NASL", "CENTOS8_RHSA-2021-4158.NASL", "CENTOS8_RHSA-2021-4160.NASL", "CENTOS8_RHSA-2021-4161.NASL", "CENTOS8_RHSA-2021-4162.NASL", "CENTOS8_RHSA-2021-4201.NASL", "CENTOS8_RHSA-2021-4324.NASL", "CENTOS8_RHSA-2021-4399.NASL", "CENTOS8_RHSA-2021-4455.NASL", "DEBIAN_DLA-1998.NASL", "DEBIAN_DLA-2569.NASL", "DEBIAN_DLA-2606.NASL", "DEBIAN_DLA-2619.NASL", "DEBIAN_DLA-2628.NASL", "DEBIAN_DLA-2790.NASL", "DEBIAN_DLA-3164.NASL", "DEBIAN_DLA-3477.NASL", "DEBIAN_DLA-3575.NASL", "DEBIAN_DSA-4880.NASL", "DEBIAN_DSA-5018.NASL", "EULEROS_SA-2020-2489.NASL", "EULEROS_SA-2020-2502.NASL", "EULEROS_SA-2020-2527.NASL", "EULEROS_SA-2020-2528.NASL", "EULEROS_SA-2021-1114.NASL", "EULEROS_SA-2021-1226.NASL", "EULEROS_SA-2021-1350.NASL", "EULEROS_SA-2021-1512.NASL", "EULEROS_SA-2021-1543.NASL", "EULEROS_SA-2021-1560.NASL", "EULEROS_SA-2021-1623.NASL", "EULEROS_SA-2021-1649.NASL", "EULEROS_SA-2021-1722.NASL", "EULEROS_SA-2021-1747.NASL", "EULEROS_SA-2021-1835.NASL", "EULEROS_SA-2021-1886.NASL", "EULEROS_SA-2021-1911.NASL", "EULEROS_SA-2021-1936.NASL", "EULEROS_SA-2021-1957.NASL", "EULEROS_SA-2021-2007.NASL", "EULEROS_SA-2021-2022.NASL", "EULEROS_SA-2021-2028.NASL", "EULEROS_SA-2021-2096.NASL", "EULEROS_SA-2021-2100.NASL", "EULEROS_SA-2021-2159.NASL", "EULEROS_SA-2021-2182.NASL", "EULEROS_SA-2021-2202.NASL", "EULEROS_SA-2021-2235.NASL", "EULEROS_SA-2021-2261.NASL", "EULEROS_SA-2021-2287.NASL", "EULEROS_SA-2021-2319.NASL", "EULEROS_SA-2021-2353.NASL", "EULEROS_SA-2021-2427.NASL", "EULEROS_SA-2021-2482.NASL", "EULEROS_SA-2021-2483.NASL", "EULEROS_SA-2021-2484.NASL", "EULEROS_SA-2021-2516.NASL", "EULEROS_SA-2021-2517.NASL", "EULEROS_SA-2021-2538.NASL", "EULEROS_SA-2021-2539.NASL", "EULEROS_SA-2021-2562.NASL", "EULEROS_SA-2021-2563.NASL", "EULEROS_SA-2021-2571.NASL", "EULEROS_SA-2021-2609.NASL", "EULEROS_SA-2021-2610.NASL", "EULEROS_SA-2021-2640.NASL", "EULEROS_SA-2021-2693.NASL", "EULEROS_SA-2021-2695.NASL", "EULEROS_SA-2021-2718.NASL", "EULEROS_SA-2021-2720.NASL", "EULEROS_SA-2021-2732.NASL", "EULEROS_SA-2021-2736.NASL", "EULEROS_SA-2021-2755.NASL", "EULEROS_SA-2021-2761.NASL", "EULEROS_SA-2021-2771.NASL", "EULEROS_SA-2021-2788.NASL", "EULEROS_SA-2021-2792.NASL", "EULEROS_SA-2021-2796.NASL", "EULEROS_SA-2021-2830.NASL", "EULEROS_SA-2021-2840.NASL", "EULEROS_SA-2021-2875.NASL", "EULEROS_SA-2021-2877.NASL", "EULEROS_SA-2021-2890.NASL", "EULEROS_SA-2021-2907.NASL", "EULEROS_SA-2022-1091.NASL", "EULEROS_SA-2022-1092.NASL", "EULEROS_SA-2022-1140.NASL", "EULEROS_SA-2022-1141.NASL", "EULEROS_SA-2022-1199.NASL", "EULEROS_SA-2022-1218.NASL", "EULEROS_SA-2022-1367.NASL", "EULEROS_SA-2022-1393.NASL", "EULEROS_SA-2022-2740.NASL", "EULEROS_SA-2022-2775.NASL", "EULEROS_SA-2022-2828.NASL", "EULEROS_SA-2022-2854.NASL", "EULEROS_SA-2023-1152.NASL", "EULEROS_SA-2023-1173.NASL", "EULEROS_SA-2023-1201.NASL", "EULEROS_SA-2023-1231.NASL", "EULEROS_SA-2023-1285.NASL", "EULEROS_SA-2023-1286.NASL", "FEDORA_2020-A06EBAFAD8.NASL", "FEDORA_2021-1BB399A5AF.NASL", "FEDORA_2021-2897F5366C.NASL", "FEDORA_2021-2AB6F060D9.NASL", "FEDORA_2021-2AB8EBCABC.NASL", "FEDORA_2021-309BC2E727.NASL", "FEDORA_2021-3352C1C802.NASL", "FEDORA_2021-7547AD987F.NASL", "FEDORA_2021-7C1BB32D13.NASL", "FEDORA_2021-7D3A9004E2.NASL", "FEDORA_2021-907F3BACAE.NASL", "FEDORA_2021-A311BF10D4.NASL", "FEDORA_2021-B1843407CA.NASL", "FEDORA_2021-B326FCB83F.NASL", "FEDORA_2021-B76EDE8F4D.NASL", "FEDORA_2021-EF83E8525A.NASL", "FEDORA_2021-F4FD9372C7.NASL", "FREEBSD_PKG_374793AD27204C4AB86CFC4A1780DEAC.NASL", "FREEBSD_PKG_F671C28295EF11EB9C34080027F515EA.NASL", "GENTOO_GLSA-202104-04.NASL", "GENTOO_GLSA-202107-19.NASL", "GENTOO_GLSA-202107-36.NASL", "GENTOO_GLSA-202208-03.NASL", "GENTOO_GLSA-202208-06.NASL", "GENTOO_GLSA-202305-02.NASL", "NEWSTART_CGSL_NS-SA-2022-0049_PYTHON3.NASL", "OPENSUSE-2020-2332.NASL", "OPENSUSE-2020-2333.NASL", "OPENSUSE-2021-1598.NASL", "OPENSUSE-2021-2012.NASL", "OPENSUSE-2021-2940.NASL", "OPENSUSE-2021-3945.NASL", "OPENSUSE-2021-4001.NASL", "OPENSUSE-2021-4002.NASL", "OPENSUSE-2021-4104.NASL", "OPENSUSE-2021-435.NASL", "OPENSUSE-2022-0064-1.NASL", "OPENSUSE-2022-0942-1.NASL", "OPENSUSE-2022-1091-1.NASL", "ORACLELINUX_ELSA-2021-1633.NASL", "ORACLELINUX_ELSA-2021-4151.NASL", "ORACLELINUX_ELSA-2021-4160.NASL", "ORACLELINUX_ELSA-2021-4162.NASL", "ORACLELINUX_ELSA-2021-4201.NASL", "ORACLELINUX_ELSA-2021-4324.NASL", "ORACLELINUX_ELSA-2021-4399.NASL", "ORACLELINUX_ELSA-2021-4455.NASL", "ORACLELINUX_ELSA-2021-9562.NASL", "ORACLELINUX_ELSA-2022-9341.NASL", "ORACLELINUX_ELSA-2023-12349.NASL", "ORACLE_RDBMS_CPU_JUL_2021.NASL", "ORACLE_RDBMS_CPU_OCT_2021.NASL", "PHOTONOS_PHSA-2020-1_0-0338_PYTHON3.NASL", "PHOTONOS_PHSA-2020-2_0-0295_PYTHON3.NASL", "PHOTONOS_PHSA-2020-3_0-0161_PYTHON3.NASL", "PHOTONOS_PHSA-2021-2_0-0327_PYTHON3.NASL", "PHOTONOS_PHSA-2021-2_0-0393_PYTHON.NASL", "PHOTONOS_PHSA-2021-3_0-0266_PYTHON.NASL", "PHOTONOS_PHSA-2021-4_0-0007_PYTHON3.NASL", "PHOTONOS_PHSA-2021-4_0-0028_PYTHON3.NASL", "PHOTONOS_PHSA-2021-4_0-0060_PYTHON3.NASL", "PHOTONOS_PHSA-2021-4_0-0072_PYTHON3.NASL", "PHOTONOS_PHSA-2022-3_0-0349_PYTHON3.NASL", "PYTHON_3_10_0A7.NASL", "PYTHON_PYDOC_ID.NBIN", "REDHAT-RHSA-2020-2583.NASL", "REDHAT-RHSA-2020-2593.NASL", "REDHAT-RHSA-2020-2635.NASL", "REDHAT-RHSA-2020-4299.NASL", "REDHAT-RHSA-2021-1313.NASL", "REDHAT-RHSA-2021-1633.NASL", "REDHAT-RHSA-2021-3252.NASL", "REDHAT-RHSA-2021-3254.NASL", "REDHAT-RHSA-2021-4151.NASL", "REDHAT-RHSA-2021-4158.NASL", "REDHAT-RHSA-2021-4160.NASL", "REDHAT-RHSA-2021-4161.NASL", "REDHAT-RHSA-2021-4162.NASL", "REDHAT-RHSA-2021-4201.NASL", "REDHAT-RHSA-2021-4324.NASL", "REDHAT-RHSA-2021-4399.NASL", "REDHAT-RHSA-2021-4455.NASL", "REDHAT-RHSA-2021-4702.NASL", "SUSE_SU-2020-3865-1.NASL", "SUSE_SU-2020-3930-1.NASL", "SUSE_SU-2021-0768-1.NASL", "SUSE_SU-2021-0794-1.NASL", "SUSE_SU-2021-0886-1.NASL", "SUSE_SU-2021-0887-1.NASL", "SUSE_SU-2021-0947-1.NASL", "SUSE_SU-2021-14644-1.NASL", "SUSE_SU-2021-1490-1.NASL", "SUSE_SU-2021-1557-1.NASL", "SUSE_SU-2021-1621-1.NASL", "SUSE_SU-2021-2012-1.NASL", "SUSE_SU-2021-2940-1.NASL", "SUSE_SU-2021-3486-1.NASL", "SUSE_SU-2021-3945-1.NASL", "SUSE_SU-2021-4001-1.NASL", "SUSE_SU-2021-4002-1.NASL", "SUSE_SU-2021-4015-1.NASL", "SUSE_SU-2021-4015-2.NASL", "SUSE_SU-2021-4051-1.NASL", "SUSE_SU-2021-4104-1.NASL", "SUSE_SU-2021-4161-1.NASL", "SUSE_SU-2022-0060-1.NASL", "SUSE_SU-2022-0064-1.NASL", "SUSE_SU-2022-0803-1.NASL", "SUSE_SU-2022-0895-1.NASL", "SUSE_SU-2022-0942-1.NASL", "SUSE_SU-2022-1044-1.NASL", "SUSE_SU-2022-1091-1.NASL", "SUSE_SU-2022-1094-1.NASL", "SUSE_SU-2022-1485-1.NASL", "SUSE_SU-2022-2351-1.NASL", "SUSE_SU-2022-3590-1.NASL", "SUSE_SU-2022-3836-1.NASL", "SUSE_SU-2022-3934-1.NASL", "SUSE_SU-2022-3937-1.NASL", "UBUNTU_USN-4204-1.NASL", "UBUNTU_USN-4742-1.NASL", "UBUNTU_USN-4754-1.NASL", "UBUNTU_USN-4754-3.NASL", "UBUNTU_USN-4896-1.NASL", "UBUNTU_USN-4962-1.NASL", "UBUNTU_USN-4973-1.NASL", "UBUNTU_USN-4973-2.NASL", "UBUNTU_USN-5342-1.NASL", "UBUNTU_USN-5701-1.NASL", "UBUNTU_USN-5812-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844253", "OPENVAS:1361412562310877527", "OPENVAS:1361412562310877558", "OPENVAS:1361412562310891998"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUAPR2023", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2021", "ORACLE:CPUOCT2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-1633", "ELSA-2021-4151", "ELSA-2021-4160", "ELSA-2021-4162", "ELSA-2021-4201", "ELSA-2021-4324", "ELSA-2021-4399", "ELSA-2021-4455", "ELSA-2021-9562", "ELSA-2022-9341", "ELSA-2023-12349"]}, {"type": "osv", "idList": ["OSV:CVE-2021-28957", "OSV:CVE-2021-29921", "OSV:CVE-2021-3426", "OSV:CVE-2021-42771", "OSV:DLA-1998-1", "OSV:DLA-2569-1", "OSV:DLA-2619-1", "OSV:DLA-2628-1", "OSV:DLA-2790-1", "OSV:DLA-3164-1", "OSV:DLA-3477-1", "OSV:DSA-4880-1", "OSV:DSA-5018-1", "OSV:GHSA-3XXV-P78R-4FC6", "OSV:GHSA-5XP3-JFQ3-5Q8X", "OSV:GHSA-G3RQ-G295-4J3M", "OSV:GHSA-H4M5-QPFP-3MPV", "OSV:GHSA-JQ4V-F5Q6-MJQQ", "OSV:GHSA-Q2Q7-5PP4-W6PG", "OSV:GHSA-QFC5-MCWQ-26Q8", "OSV:PYSEC-2019-41", "OSV:PYSEC-2021-108", "OSV:PYSEC-2021-19", "OSV:PYSEC-2021-4", "OSV:PYSEC-2021-421", "OSV:PYSEC-2021-437", "OSV:PYSEC-2021-66"]}, {"type": "paloalto", "idList": ["PA-CVE-2020-27619"]}, {"type": "photon", "idList": ["PHSA-2020-0161", "PHSA-2020-0338", "PHSA-2020-1.0-0338", "PHSA-2020-2.0-0295", "PHSA-2020-3.0-0161", "PHSA-2021-0007", "PHSA-2021-0028", "PHSA-2021-0060", "PHSA-2021-0072", "PHSA-2021-0123", "PHSA-2021-0204", "PHSA-2021-0266", "PHSA-2021-0327", "PHSA-2021-0442", "PHSA-2021-2.0-0323", "PHSA-2021-2.0-0327", "PHSA-2021-2.0-0393", "PHSA-2021-3.0-0204", "PHSA-2021-3.0-0266", "PHSA-2021-4.0-0007", "PHSA-2021-4.0-0028", "PHSA-2021-4.0-0060", "PHSA-2021-4.0-0072", "PHSA-2021-4.0-0123", "PHSA-2022-0349", "PHSA-2022-0406", "PHSA-2022-3.0-0349", "PHSA-2022-3.0-0406"]}, {"type": "prion", "idList": ["PRION:CVE-2021-23336", "PRION:CVE-2021-28359", "PRION:CVE-2021-28957", "PRION:CVE-2021-29921", "PRION:CVE-2021-33503", "PRION:CVE-2021-3426", "PRION:CVE-2021-3572", "PRION:CVE-2021-42771"]}, {"type": "redhat", "idList": ["RHSA-2020:2583", "RHSA-2020:2593", "RHSA-2020:2635", "RHSA-2020:4254", "RHSA-2020:4255", "RHSA-2020:4299", "RHSA-2020:5249", "RHSA-2021:1313", "RHSA-2021:1633", "RHSA-2021:2121", "RHSA-2021:2136", "RHSA-2021:2461", "RHSA-2021:2479", "RHSA-2021:2532", "RHSA-2021:2543", "RHSA-2021:2920", "RHSA-2021:3119", "RHSA-2021:3252", "RHSA-2021:3254", "RHSA-2021:3473", "RHSA-2021:4032", "RHSA-2021:4151", "RHSA-2021:4158", "RHSA-2021:4160", "RHSA-2021:4161", "RHSA-2021:4162", "RHSA-2021:4201", "RHSA-2021:4324", "RHSA-2021:4399", "RHSA-2021:4455", "RHSA-2021:4627", "RHSA-2021:4702", "RHSA-2021:4845", "RHSA-2021:4914", "RHSA-2021:5038", "RHSA-2021:5127", "RHSA-2021:5128", "RHSA-2021:5129", "RHSA-2021:5137", "RHSA-2022:0202", "RHSA-2022:0318", "RHSA-2022:0580", "RHSA-2022:0842", "RHSA-2022:0856", "RHSA-2022:1396", "RHSA-2022:5069", "RHSA-2022:5070", "RHSA-2022:6429"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-18874", "RH:CVE-2020-27619", "RH:CVE-2020-28493", "RH:CVE-2021-20095", "RH:CVE-2021-23336", "RH:CVE-2021-28957", "RH:CVE-2021-29921", "RH:CVE-2021-33503", "RH:CVE-2021-3426", "RH:CVE-2021-3572", "RH:CVE-2021-42771"]}, {"type": "redos", "idList": ["ROS-20220125-01", "ROS-20230619-05"]}, {"type": "rocky", "idList": ["RLSA-2021:4151", "RLSA-2021:4158", "RLSA-2021:4160", "RLSA-2021:4161", "RLSA-2021:4201", "RLSA-2021:4324"]}, {"type": "rosalinux", "idList": ["ROSA-SA-2021-1957"]}, {"type": "sonarsource", "idList": ["SONARSOURCE:975650E98377379A199A2570C63A856D"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:2332-1", "OPENSUSE-SU-2020:2333-1", "OPENSUSE-SU-2021:0435-1", "OPENSUSE-SU-2021:1553-1", "OPENSUSE-SU-2021:1598-1", "OPENSUSE-SU-2021:2012-1", "OPENSUSE-SU-2021:2940-1", "OPENSUSE-SU-2021:3945-1", "OPENSUSE-SU-2021:4001-1", "OPENSUSE-SU-2021:4002-1", "OPENSUSE-SU-2021:4104-1", "OPENSUSE-SU-2022:0064-1", "OPENSUSE-SU-2022:0803-1", "OPENSUSE-SU-2022:0942-1", "OPENSUSE-SU-2022:1091-1", "SUSE-SU-2022:1485-1", "SUSE-SU-2022:3836-1"]}, {"type": "ubuntu", "idList": ["USN-4204-1", "USN-4742-1", "USN-4754-1", "USN-4754-2", "USN-4754-3", "USN-4754-4", "USN-4754-5", "USN-4896-1", "USN-4896-2", "USN-4961-2", "USN-4962-1", "USN-4973-1", "USN-4973-2", "USN-5342-1", "USN-5342-3", "USN-5701-1", "USN-5812-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-18874", "UB:CVE-2020-27619", "UB:CVE-2020-28493", "UB:CVE-2021-23336", "UB:CVE-2021-28957", "UB:CVE-2021-29921", "UB:CVE-2021-33503", "UB:CVE-2021-33571", "UB:CVE-2021-3426", "UB:CVE-2021-3572", "UB:CVE-2021-42771"]}, {"type": "veracode", "idList": ["VERACODE:21945", "VERACODE:29200", "VERACODE:29449", "VERACODE:29500", "VERACODE:29778", "VERACODE:29916", "VERACODE:30301", "VERACODE:30649", "VERACODE:30782", "VERACODE:32679", "VERACODE:32902"]}]}, "epss": [{"cve": "CVE-2019-18874", "epss": 0.00191, "percentile": 0.55138, "modified": "2023-05-02"}, {"cve": "CVE-2020-27619", "epss": 0.00322, "percentile": 0.66183, "modified": "2023-05-01"}, {"cve": "CVE-2020-28493", "epss": 0.00151, "percentile": 0.49879, "modified": "2023-05-01"}, {"cve": "CVE-2021-23336", "epss": 0.00149, "percentile": 0.49521, "modified": "2023-05-01"}, {"cve": "CVE-2021-28957", "epss": 0.00241, "percentile": 0.60609, "modified": "2023-05-01"}, {"cve": "CVE-2021-29921", "epss": 0.00609, "percentile": 0.75498, "modified": "2023-05-01"}, {"cve": "CVE-2021-33503", "epss": 0.00221, "percentile": 0.58765, "modified": "2023-05-01"}, {"cve": "CVE-2021-3426", "epss": 0.00061, "percentile": 0.24065, "modified": "2023-05-01"}, {"cve": "CVE-2021-3572", "epss": 0.00057, "percentile": 0.21718, "modified": "2023-05-01"}, {"cve": "CVE-2021-42771", "epss": 0.00048, "percentile": 0.14906, "modified": "2023-05-02"}], "vulnersScore": 8.1}, "_state": {"score": 1695537794, "dependencies": 1695537752, "epss": 0}, "_internal": {"score_hash": "ee4590ac2aa42553762620f907a2c34e"}, "vendorCvss": {}, "fixes": ["https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1772014', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1772014', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1928707', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1928707', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1928904', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1928904', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1935913', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1935913', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1941534', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1941534', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1955615', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1955615', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1957458', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1957458', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1962856', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1962856', 'description': ''}", "https://bugzilla.redhat.com/show_bug.cgi?id={'ticket': '1968074', 'sourceBy': 'Red Hat', 'sourceLink': 'https://bugzilla.redhat.com/show_bug.cgi?id=1968074', 'description': ''}"], "affectedPackage": [{"OS": "rocky", "OSVersion": 8.0, "arch": "Rocky Linux 8", "packageVersion": "Rocky Linux -Rocky Linux ", "packageFilename": "Rocky Linux 8", "operator": "lt", "packageName": "rocky linux"}]}

{"redhat": [{"lastseen": "2023-09-10T12:36:24", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python-psutil: Double free because of refcount mishandling (CVE-2019-18874)\n\n* python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n* python: Information disclosure via pydoc (CVE-2021-3426)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n* python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n* python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n* python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T12:47:54", "type": "redhat", "title": "(RHSA-2021:4162) Moderate: python38:3.8 and python38-devel:3.8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18874", "CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-42771"], "modified": "2021-12-23T21:18:48", "id": "RHSA-2021:4162", "href": "https://access.redhat.com/errata/RHSA-2021:4162", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:29:43", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771)\n\n* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-pygments: ReDoS in multiple lexers (CVE-2021-27291)\n\n* python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T08:24:39", "type": "redhat", "title": "(RHSA-2021:4151) Moderate: python27:2.7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-20270", "CVE-2021-23336", "CVE-2021-27291", "CVE-2021-28957", "CVE-2021-42771"], "modified": "2021-11-09T14:10:37", "id": "RHSA-2021:4151", "href": "https://access.redhat.com/errata/RHSA-2021:4151", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-10T12:36:24", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nThe following packages have been upgraded to a later upstream version: rh-python38-python (3.8.11). (BZ#1969523)\n\nSecurity Fix(es):\n\n* python-cryptography: Bleichenbacher timing oracle attack against RSA decryption (CVE-2020-25659)\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python-lxml: mXSS due to the use of improper parser (CVE-2020-27783)\n\n* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)\n\n* python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow (CVE-2020-36242)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python: Information disclosure via pydoc (CVE-2021-3426)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n* python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n* python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n* python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional information\n\n* Changes in the default separator for the Python urllib parsing functions\n\nTo mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (&) and semicolon (;) to only an ampersand.\n\nThe change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer\u2019s application has been affected by the change.\n\nFor more information, see the Knowledgebase article \"Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)\" linked from the References section.\n\n* The Python \"ipaddress\" module no longer allows leading zeros in IPv4 addresses\n\nTo mitigate CVE-2021-29921, the Python \"ipaddress\" module now rejects IPv4 addresses with leading zeros with an \"AddressValueError: Leading zeros are not permitted\" error.\n\nCustomers who rely on the previous behavior can pre-process their IPv4 address inputs to strip the leading zeros off. For details, see the Red Hat Software Collections 3.7 Release Notes.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-24T07:30:01", "type": "redhat", "title": "(RHSA-2021:3254) Moderate: rh-python38 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25659", "CVE-2020-27619", "CVE-2020-27783", "CVE-2020-28493", "CVE-2020-36242", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-3177", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-3733", "CVE-2021-4189", "CVE-2021-42771", "CVE-2022-0391"], "modified": "2022-03-29T16:16:16", "id": "RHSA-2021:3254", "href": "https://access.redhat.com/errata/RHSA-2021:3254", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-10T12:36:24", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Information disclosure via pydoc (CVE-2021-3426)\n\n* python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n* python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n* python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n* python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n* python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n* python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T08:26:25", "type": "redhat", "title": "(RHSA-2021:4160) Moderate: python39:3.9 and python39-devel:3.9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-3733", "CVE-2021-3737"], "modified": "2021-11-09T14:12:45", "id": "RHSA-2021:4160", "href": "https://access.redhat.com/errata/RHSA-2021:4160", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:29:43", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional information\n\n* Changes in the default separator for the Python urllib parsing functions\n\nTo mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (&) and semicolon (;) to only an ampersand.\n\nThe change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer\u2019s application has been affected by the change.\n\nFor more information, see the Knowledgebase article \"Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)\" linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-24T07:29:51", "type": "redhat", "title": "(RHSA-2021:3252) Moderate: python27 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-20270", "CVE-2021-23336", "CVE-2021-27291", "CVE-2021-3177", "CVE-2021-42771"], "modified": "2021-11-10T21:12:00", "id": "RHSA-2021:3252", "href": "https://access.redhat.com/errata/RHSA-2021:3252", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T12:20:41", "description": "Babel provides tools to build and work with gettext message catalogs, and a Python interface to the CLDR (Common Locale Data Repository), providing access to various locale display names, localized number and date formatting, etc.\n\nSecurity Fix(es):\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T08:37:19", "type": "redhat", "title": "(RHSA-2021:4201) Moderate: babel security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20095", "CVE-2021-42771"], "modified": "2021-11-09T14:10:42", "id": "RHSA-2021:4201", "href": "https://access.redhat.com/errata/RHSA-2021:4201", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:29:43", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-18T05:42:46", "type": "redhat", "title": "(RHSA-2021:1633) Moderate: python3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-26116", "CVE-2020-27619", "CVE-2021-23336", "CVE-2021-3177"], "modified": "2021-05-18T11:34:39", "id": "RHSA-2021:1633", "href": "https://access.redhat.com/errata/RHSA-2021:1633", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-04T12:27:59", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* python-psutil: A double free issue has been discovered in python-psutil that may allow a local attacker to get code execution with the privileges of the user running the python-psutil application. (CVE-2019-18874)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-22T23:43:17", "type": "redhat", "title": "(RHSA-2020:2583) Moderate: OpenShift Container Platform 4.4.9 python-psutil security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18874"], "modified": "2020-06-22T23:44:01", "id": "RHSA-2020:2583", "href": "https://access.redhat.com/errata/RHSA-2020:2583", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-16T15:29:43", "description": "psutil is a module providing an interface for retrieving information on all running processes and system utilization (CPU, memory, disks, network, users) in a portable way by using Python.\n\nSecurity Fix(es):\n\n* python-psutil: double free because of refcount mishandling (CVE-2019-18874)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-11-09T09:01:04", "type": "redhat", "title": "(RHSA-2021:4324) Moderate: python-psutil security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18874"], "modified": "2021-11-09T14:12:29", "id": "RHSA-2021:4324", "href": "https://access.redhat.com/errata/RHSA-2021:4324", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-16T15:29:43", "description": "The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. \n\nSecurity Fix(es):\n\n* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-11-09T08:26:43", "type": "redhat", "title": "(RHSA-2021:4161) Moderate: python-jinja2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28493"], "modified": "2021-11-09T14:11:52", "id": "RHSA-2021:4161", "href": "https://access.redhat.com/errata/RHSA-2021:4161", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-04T12:27:59", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* python-psutil: double free because of refcount mishandling (CVE-2019-18874)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-23T19:26:29", "type": "redhat", "title": "(RHSA-2020:2635) Moderate: OpenShift Container Platform 4.3.26 python-psutil security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18874"], "modified": "2020-06-23T19:29:52", "id": "RHSA-2020:2635", "href": "https://access.redhat.com/errata/RHSA-2020:2635", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-04T12:27:59", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* python-psutil: double free because of refcount mishandling (CVE-2019-18874)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-01T15:50:50", "type": "redhat", "title": "(RHSA-2020:2593) Moderate: OpenShift Container Platform 4.2.36 python-psutil security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18874"], "modified": "2020-07-01T15:57:04", "id": "RHSA-2020:2593", "href": "https://access.redhat.com/errata/RHSA-2020:2593", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-27T14:34:16", "description": "lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. \n\nSecurity Fix(es):\n\n* python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-11-09T08:26:20", "type": "redhat", "title": "(RHSA-2021:4158) Moderate: python-lxml security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28957"], "modified": "2021-11-09T14:11:39", "id": "RHSA-2021:4158", "href": "https://access.redhat.com/errata/RHSA-2021:4158", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-05-18T15:35:39", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4162 advisory.\n\n - python-psutil: Double free because of refcount mishandling (CVE-2019-18874)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "CentOS 8 : python38:3.8 and python38-devel:3.8 (CESA-2021:4162)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18874", "CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-42771"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:python38", "p-cpe:/a:centos:centos:python38-cython", "p-cpe:/a:centos:centos:python38-pymysql", "p-cpe:/a:centos:centos:python38-asn1crypto", "p-cpe:/a:centos:centos:python38-atomicwrites", "p-cpe:/a:centos:centos:python38-attrs", "p-cpe:/a:centos:centos:python38-babel", "p-cpe:/a:centos:centos:python38-cffi", "p-cpe:/a:centos:centos:python38-chardet", "p-cpe:/a:centos:centos:python38-cryptography", "p-cpe:/a:centos:centos:python38-debug", "p-cpe:/a:centos:centos:python38-devel", "p-cpe:/a:centos:centos:python38-idle", "p-cpe:/a:centos:centos:python38-idna", "p-cpe:/a:centos:centos:python38-jinja2", "p-cpe:/a:centos:centos:python38-libs", "p-cpe:/a:centos:centos:python38-lxml", "p-cpe:/a:centos:centos:python38-markupsafe", "p-cpe:/a:centos:centos:python38-mod_wsgi", "p-cpe:/a:centos:centos:python38-more-itertools", "p-cpe:/a:centos:centos:python38-numpy", "p-cpe:/a:centos:centos:python38-numpy-doc", "p-cpe:/a:centos:centos:python38-numpy-f2py", "p-cpe:/a:centos:centos:python38-packaging", "p-cpe:/a:centos:centos:python38-pip", "p-cpe:/a:centos:centos:python38-pip-wheel", "p-cpe:/a:centos:centos:python38-pluggy", "p-cpe:/a:centos:centos:python38-ply", "p-cpe:/a:centos:centos:python38-psutil", "p-cpe:/a:centos:centos:python38-psycopg2", "p-cpe:/a:centos:centos:python38-psycopg2-doc", "p-cpe:/a:centos:centos:python38-psycopg2-tests", "p-cpe:/a:centos:centos:python38-py", "p-cpe:/a:centos:centos:python38-pycparser", "p-cpe:/a:centos:centos:python38-pyparsing", "p-cpe:/a:centos:centos:python38-pysocks", "p-cpe:/a:centos:centos:python38-pytest", "p-cpe:/a:centos:centos:python38-pytz", "p-cpe:/a:centos:centos:python38-pyyaml", "p-cpe:/a:centos:centos:python38-requests", "p-cpe:/a:centos:centos:python38-rpm-macros", "p-cpe:/a:centos:centos:python38-scipy", "p-cpe:/a:centos:centos:python38-setuptools", "p-cpe:/a:centos:centos:python38-setuptools-wheel", "p-cpe:/a:centos:centos:python38-six", "p-cpe:/a:centos:centos:python38-test", "p-cpe:/a:centos:centos:python38-tkinter", "p-cpe:/a:centos:centos:python38-urllib3", "p-cpe:/a:centos:centos:python38-wcwidth", "p-cpe:/a:centos:centos:python38-wheel", "p-cpe:/a:centos:centos:python38-wheel-wheel"], "id": "CENTOS8_RHSA-2021-4162.NASL", "href": "https://www.tenable.com/plugins/nessus/155064", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:4162. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155064);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2019-18874\",\n \"CVE-2020-28493\",\n \"CVE-2021-3426\",\n \"CVE-2021-3572\",\n \"CVE-2021-20095\",\n \"CVE-2021-23336\",\n \"CVE-2021-28957\",\n \"CVE-2021-29921\",\n \"CVE-2021-33503\",\n \"CVE-2021-42771\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4162\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n\n script_name(english:\"CentOS 8 : python38:3.8 and python38-devel:3.8 (CESA-2021:4162)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:4162 advisory.\n\n - python-psutil: Double free because of refcount mishandling (CVE-2019-18874)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4162\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-asn1crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-atomicwrites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-cffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-more-itertools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-ply\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-psutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pycparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pyparsing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-wcwidth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python38-wheel-wheel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/python38-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python38-devel:3.8');\nif ('3.8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python38-devel:' + module_ver);\n\nvar appstreams = {\n 'python38-devel:3.8': [\n {'reference':'python38-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-asn1crypto-1.2.0-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-asn1crypto-1.2.0-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-atomicwrites-1.3.0-8.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-atomicwrites-1.3.0-8.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-attrs-19.3.0-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-attrs-19.3.0-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-babel-2.7.0-11.module_el8.5.0+773+083016c5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-babel-2.7.0-11.module_el8.5.0+773+083016c5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cffi-1.13.2-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cffi-1.13.2-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-chardet-3.0.4-19.module_el8.4.0+665+abc3a503', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-chardet-3.0.4-19.module_el8.4.0+665+abc3a503', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cryptography-2.8-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cryptography-2.8-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-Cython-0.29.14-4.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-Cython-0.29.14-4.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-debug-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-debug-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-devel-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-devel-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idle-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idle-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idna-2.8-6.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idna-2.8-6.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-jinja2-2.10.3-5.module_el8.5.0+742+dbad1979', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-jinja2-2.10.3-5.module_el8.5.0+742+dbad1979', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-libs-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-libs-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-lxml-4.4.1-6.module_el8.5.0+742+dbad1979', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-lxml-4.4.1-6.module_el8.5.0+742+dbad1979', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-markupsafe-1.1.1-6.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-markupsafe-1.1.1-6.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-mod_wsgi-4.6.8-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-mod_wsgi-4.6.8-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-more-itertools-7.2.0-5.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-more-itertools-7.2.0-5.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-1.17.3-6.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-1.17.3-6.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-doc-1.17.3-6.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-doc-1.17.3-6.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-f2py-1.17.3-6.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-f2py-1.17.3-6.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-packaging-19.2-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-packaging-19.2-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-19.3.1-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-19.3.1-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-wheel-19.3.1-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-wheel-19.3.1-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pluggy-0.13.0-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pluggy-0.13.0-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-ply-3.11-10.module_el8.4.0+665+abc3a503', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-ply-3.11-10.module_el8.4.0+665+abc3a503', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psutil-5.6.4-4.module_el8.5.0+871+689c57c1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psutil-5.6.4-4.module_el8.5.0+871+689c57c1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-2.8.4-4.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-2.8.4-4.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-doc-2.8.4-4.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-doc-2.8.4-4.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-tests-2.8.4-4.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-tests-2.8.4-4.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-py-1.8.0-8.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-py-1.8.0-8.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pycparser-2.19-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pycparser-2.19-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-PyMySQL-0.10.1-1.module_el8.4.0+677+b84873a2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-PyMySQL-0.10.1-1.module_el8.4.0+677+b84873a2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyparsing-2.4.5-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyparsing-2.4.5-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pysocks-1.7.1-4.module_el8.4.0+665+abc3a503', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pysocks-1.7.1-4.module_el8.4.0+665+abc3a503', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytest-4.6.6-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytest-4.6.6-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytz-2019.3-3.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytz-2019.3-3.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyyaml-5.4.1-1.module_el8.5.0+758+421c7348', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyyaml-5.4.1-1.module_el8.5.0+758+421c7348', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-requests-2.22.0-9.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-requests-2.22.0-9.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-rpm-macros-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-rpm-macros-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-scipy-1.3.1-4.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-scipy-1.3.1-4.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-41.6.0-5.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-41.6.0-5.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-wheel-41.6.0-5.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-wheel-41.6.0-5.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-six-1.12.0-10.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-six-1.12.0-10.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-test-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-test-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-tkinter-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-tkinter-3.8.8-4.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-urllib3-1.25.7-5.module_el8.5.0+855+e844d92d', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-urllib3-1.25.7-5.module_el8.5.0+855+e844d92d', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wcwidth-0.1.7-16.module_el8.4.0+647+0ba99ce8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wcwidth-0.1.7-16.module_el8.4.0+647+0ba99ce8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-0.33.6-6.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-0.33.6-6.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-wheel-0.33.6-6.module_el8.5.0+896+eb9e77ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-wheel-0.33.6-6.module_el8.5.0+896+eb9e77ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python38-devel:3.8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python38 / python38-Cython / python38-PyMySQL / python38-asn1crypto / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:25:55", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4162 advisory.\n\n - python-psutil: Double free because of refcount mishandling (CVE-2019-18874)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : python38:3.8 and python38-devel:3.8 (RHSA-2021:4162)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18874", "CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-42771"], "modified": "2023-05-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python38-psycopg2", "p-cpe:/a:redhat:enterprise_linux:python38-psycopg2-doc", "p-cpe:/a:redhat:enterprise_linux:python38-psycopg2-tests", "p-cpe:/a:redhat:enterprise_linux:python38-py", "p-cpe:/a:redhat:enterprise_linux:python38-pycparser", "p-cpe:/a:redhat:enterprise_linux:python38-pyparsing", "p-cpe:/a:redhat:enterprise_linux:python38-pysocks", "p-cpe:/a:redhat:enterprise_linux:python38-pytest", "p-cpe:/a:redhat:enterprise_linux:python38-pytz", "p-cpe:/a:redhat:enterprise_linux:python38-pyyaml", "p-cpe:/a:redhat:enterprise_linux:python38-requests", "p-cpe:/a:redhat:enterprise_linux:python38-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:python38-scipy", "p-cpe:/a:redhat:enterprise_linux:python38-setuptools", "p-cpe:/a:redhat:enterprise_linux:python38-setuptools-wheel", "p-cpe:/a:redhat:enterprise_linux:python38-six", "p-cpe:/a:redhat:enterprise_linux:python38-test", "p-cpe:/a:redhat:enterprise_linux:python38-tkinter", "p-cpe:/a:redhat:enterprise_linux:python38-urllib3", "p-cpe:/a:redhat:enterprise_linux:python38-wcwidth", "p-cpe:/a:redhat:enterprise_linux:python38-wheel", "p-cpe:/a:redhat:enterprise_linux:python38-wheel-wheel", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:python38", "p-cpe:/a:redhat:enterprise_linux:python38-cython", "p-cpe:/a:redhat:enterprise_linux:python38-pymysql", "p-cpe:/a:redhat:enterprise_linux:python38-asn1crypto", "p-cpe:/a:redhat:enterprise_linux:python38-atomicwrites", "p-cpe:/a:redhat:enterprise_linux:python38-attrs", "p-cpe:/a:redhat:enterprise_linux:python38-babel", "p-cpe:/a:redhat:enterprise_linux:python38-cffi", "p-cpe:/a:redhat:enterprise_linux:python38-chardet", "p-cpe:/a:redhat:enterprise_linux:python38-cryptography", "p-cpe:/a:redhat:enterprise_linux:python38-debug", "p-cpe:/a:redhat:enterprise_linux:python38-devel", "p-cpe:/a:redhat:enterprise_linux:python38-idle", "p-cpe:/a:redhat:enterprise_linux:python38-idna", "p-cpe:/a:redhat:enterprise_linux:python38-jinja2", "p-cpe:/a:redhat:enterprise_linux:python38-libs", "p-cpe:/a:redhat:enterprise_linux:python38-lxml", "p-cpe:/a:redhat:enterprise_linux:python38-markupsafe", "p-cpe:/a:redhat:enterprise_linux:python38-mod_wsgi", "p-cpe:/a:redhat:enterprise_linux:python38-more-itertools", "p-cpe:/a:redhat:enterprise_linux:python38-numpy", "p-cpe:/a:redhat:enterprise_linux:python38-numpy-doc", "p-cpe:/a:redhat:enterprise_linux:python38-numpy-f2py", "p-cpe:/a:redhat:enterprise_linux:python38-packaging", "p-cpe:/a:redhat:enterprise_linux:python38-pip", "p-cpe:/a:redhat:enterprise_linux:python38-pip-wheel", "p-cpe:/a:redhat:enterprise_linux:python38-pluggy", "p-cpe:/a:redhat:enterprise_linux:python38-ply", "p-cpe:/a:redhat:enterprise_linux:python38-psutil"], "id": "REDHAT-RHSA-2021-4162.NASL", "href": "https://www.tenable.com/plugins/nessus/155193", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4162. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155193);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2019-18874\",\n \"CVE-2020-27619\",\n \"CVE-2020-28493\",\n \"CVE-2021-3426\",\n \"CVE-2021-3572\",\n \"CVE-2021-20095\",\n \"CVE-2021-23336\",\n \"CVE-2021-28957\",\n \"CVE-2021-29921\",\n \"CVE-2021-33503\",\n \"CVE-2021-42771\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n script_xref(name:\"RHSA\", value:\"2021:4162\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n\n script_name(english:\"RHEL 8 : python38:3.8 and python38-devel:3.8 (RHSA-2021:4162)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4162 advisory.\n\n - python-psutil: Double free because of refcount mishandling (CVE-2019-18874)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-18874\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3426\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-28957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29921\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33503\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-42771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4162\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1772014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1935913\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1941534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1955615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1957458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1962856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1968074\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 79, 95, 200, 400, 416, 444, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-asn1crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-atomicwrites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-cffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-more-itertools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-ply\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-psutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pycparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pyparsing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-wcwidth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python38-wheel-wheel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'python38:3.8': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python38-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-asn1crypto-1.2.0-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-babel-2.7.0-11.module+el8.5.0+11015+9c1c7c42', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cffi-1.13.2-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-chardet-3.0.4-19.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cryptography-2.8-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-Cython-0.29.14-4.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-debug-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-devel-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idle-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idna-2.8-6.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-jinja2-2.10.3-5.module+el8.5.0+10542+ba057329', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-libs-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-lxml-4.4.1-6.module+el8.5.0+10542+ba057329', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-markupsafe-1.1.1-6.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-mod_wsgi-4.6.8-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-1.17.3-6.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-doc-1.17.3-6.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-f2py-1.17.3-6.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-19.3.1-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-wheel-19.3.1-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-ply-3.11-10.module+el8.4.0+9579+e9717e18', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psutil-5.6.4-4.module+el8.5.0+12031+10ce4870', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-2.8.4-4.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-doc-2.8.4-4.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-tests-2.8.4-4.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pycparser-2.19-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-PyMySQL-0.10.1-1.module+el8.4.0+9692+8e86ab84', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pysocks-1.7.1-4.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytz-2019.3-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyyaml-5.4.1-1.module+el8.5.0+10721+14d8e0d5', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-requests-2.22.0-9.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-rpm-macros-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-scipy-1.3.1-4.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-41.6.0-5.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-wheel-41.6.0-5.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-six-1.12.0-10.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-test-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-tkinter-3.8.8-4.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-0.33.6-6.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-wheel-0.33.6-6.module+el8.5.0+12205+a865257a', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python38-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-asn1crypto-1.2.0-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-babel-2.7.0-11.module+el8.5.0+11015+9c1c7c42', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cffi-1.13.2-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-chardet-3.0.4-19.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cryptography-2.8-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-Cython-0.29.14-4.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-debug-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-devel-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idle-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idna-2.8-6.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-jinja2-2.10.3-5.module+el8.5.0+10542+ba057329', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-libs-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-lxml-4.4.1-6.module+el8.5.0+10542+ba057329', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-markupsafe-1.1.1-6.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-mod_wsgi-4.6.8-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-1.17.3-6.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-doc-1.17.3-6.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-f2py-1.17.3-6.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-19.3.1-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-wheel-19.3.1-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-ply-3.11-10.module+el8.4.0+9579+e9717e18', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psutil-5.6.4-4.module+el8.5.0+12031+10ce4870', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-2.8.4-4.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-doc-2.8.4-4.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-tests-2.8.4-4.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pycparser-2.19-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-PyMySQL-0.10.1-1.module+el8.4.0+9692+8e86ab84', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pysocks-1.7.1-4.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytz-2019.3-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyyaml-5.4.1-1.module+el8.5.0+10721+14d8e0d5', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-requests-2.22.0-9.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-rpm-macros-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-scipy-1.3.1-4.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-41.6.0-5.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-wheel-41.6.0-5.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-six-1.12.0-10.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-test-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-tkinter-3.8.8-4.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-0.33.6-6.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-wheel-0.33.6-6.module+el8.5.0+12205+a865257a', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ],\n 'python38-devel:3.8': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python38-atomicwrites-1.3.0-8.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-attrs-19.3.0-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-more-itertools-7.2.0-5.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-packaging-19.2-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pluggy-0.13.0-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-py-1.8.0-8.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyparsing-2.4.5-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytest-4.6.6-3.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wcwidth-0.1.7-16.module+el8.4.0+8888+89bc7e79', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python38-atomicwrites-1.3.0-8.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-attrs-19.3.0-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-more-itertools-7.2.0-5.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-packaging-19.2-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pluggy-0.13.0-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-py-1.8.0-8.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyparsing-2.4.5-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytest-4.6.6-3.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wcwidth-0.1.7-16.module+el8.4.0+8888+89bc7e79', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python38-devel:3.8 / python38:3.8');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python38 / python38-Cython / python38-PyMySQL / python38-asn1crypto / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:14", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4162 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-20095)\n\n - psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object. (CVE-2019-18874)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\n - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1. (CVE-2021-3572)\n\n - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory. (CVE-2020-28493)\n\n - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.\n (CVE-2021-28957)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. (CVE-2021-29921)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-10T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : python38:3.8 / and / python38-devel:3.8 (ELSA-2021-4162)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18874", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-42771"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:python38", "p-cpe:/a:oracle:linux:python38-cython", "p-cpe:/a:oracle:linux:python38-pymysql", "p-cpe:/a:oracle:linux:python38-asn1crypto", "p-cpe:/a:oracle:linux:python38-atomicwrites", "p-cpe:/a:oracle:linux:python38-attrs", "p-cpe:/a:oracle:linux:python38-babel", "p-cpe:/a:oracle:linux:python38-cffi", "p-cpe:/a:oracle:linux:python38-chardet", "p-cpe:/a:oracle:linux:python38-cryptography", "p-cpe:/a:oracle:linux:python38-debug", "p-cpe:/a:oracle:linux:python38-devel", "p-cpe:/a:oracle:linux:python38-idle", "p-cpe:/a:oracle:linux:python38-idna", "p-cpe:/a:oracle:linux:python38-jinja2", "p-cpe:/a:oracle:linux:python38-libs", "p-cpe:/a:oracle:linux:python38-lxml", "p-cpe:/a:oracle:linux:python38-markupsafe", "p-cpe:/a:oracle:linux:python38-mod_wsgi", "p-cpe:/a:oracle:linux:python38-more-itertools", "p-cpe:/a:oracle:linux:python38-numpy", "p-cpe:/a:oracle:linux:python38-numpy-doc", "p-cpe:/a:oracle:linux:python38-numpy-f2py", "p-cpe:/a:oracle:linux:python38-packaging", "p-cpe:/a:oracle:linux:python38-pip", "p-cpe:/a:oracle:linux:python38-pip-wheel", "p-cpe:/a:oracle:linux:python38-pluggy", "p-cpe:/a:oracle:linux:python38-ply", "p-cpe:/a:oracle:linux:python38-psutil", "p-cpe:/a:oracle:linux:python38-psycopg2", "p-cpe:/a:oracle:linux:python38-psycopg2-doc", "p-cpe:/a:oracle:linux:python38-psycopg2-tests", "p-cpe:/a:oracle:linux:python38-py", "p-cpe:/a:oracle:linux:python38-pycparser", "p-cpe:/a:oracle:linux:python38-pyparsing", "p-cpe:/a:oracle:linux:python38-pysocks", "p-cpe:/a:oracle:linux:python38-pytest", "p-cpe:/a:oracle:linux:python38-pytz", "p-cpe:/a:oracle:linux:python38-pyyaml", "p-cpe:/a:oracle:linux:python38-requests", "p-cpe:/a:oracle:linux:python38-rpm-macros", "p-cpe:/a:oracle:linux:python38-scipy", "p-cpe:/a:oracle:linux:python38-setuptools", "p-cpe:/a:oracle:linux:python38-setuptools-wheel", "p-cpe:/a:oracle:linux:python38-six", "p-cpe:/a:oracle:linux:python38-test", "p-cpe:/a:oracle:linux:python38-tkinter", "p-cpe:/a:oracle:linux:python38-urllib3", "p-cpe:/a:oracle:linux:python38-wcwidth", "p-cpe:/a:oracle:linux:python38-wheel", "p-cpe:/a:oracle:linux:python38-wheel-wheel", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2021-4162.NASL", "href": "https://www.tenable.com/plugins/nessus/155969", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-4162.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155969);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2019-18874\",\n \"CVE-2020-28493\",\n \"CVE-2021-3426\",\n \"CVE-2021-3572\",\n \"CVE-2021-20095\",\n \"CVE-2021-23336\",\n \"CVE-2021-28957\",\n \"CVE-2021-29921\",\n \"CVE-2021-33503\",\n \"CVE-2021-42771\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n\n script_name(english:\"Oracle Linux 8 : python38:3.8 / and / python38-devel:3.8 (ELSA-2021-4162)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-4162 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-20095)\n\n - psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount\n mishandling within a while or for loop that converts system data into a Python object. (CVE-2019-18874)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing\n serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\n - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote\n attacker could possibly use this issue to install a different revision on a repository. The highest threat\n from this vulnerability is to data integrity. This is fixed in python-pip version 21.1. (CVE-2021-3572)\n\n - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the\n `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most\n exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to format\n user content instead of the urlize filter, or by implementing request timeouts and limiting process\n memory. (CVE-2020-28493)\n\n - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling\n the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute\n allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS\n code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.\n (CVE-2021-28957)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP\n address string. This (in some situations) allows attackers to bypass access control that is based on IP\n addresses. (CVE-2021-29921)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince\n another local or adjacent user to start a pydoc server could access the server and use it to disclose\n sensitive information belonging to the other user that they would not normally be able to access. The\n highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9,\n Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in\n the authority component, the authority regular expression exhibits catastrophic backtracking, causing a\n denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-4162.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-asn1crypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-atomicwrites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-cffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-more-itertools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-ply\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-psutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pycparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pyparsing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-wcwidth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python38-wheel-wheel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/python38');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python38:3.8');\nif ('3.8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python38:' + module_ver);\n\nvar appstreams = {\n 'python38:3.8': [\n {'reference':'python38-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-asn1crypto-1.2.0-3.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-atomicwrites-1.3.0-8.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-attrs-19.3.0-3.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-babel-2.7.0-11.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cffi-1.13.2-3.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cffi-1.13.2-3.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-chardet-3.0.4-19.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cryptography-2.8-3.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-cryptography-2.8-3.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-Cython-0.29.14-4.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-Cython-0.29.14-4.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-debug-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-debug-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-devel-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-devel-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idle-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idle-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-idna-2.8-6.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-jinja2-2.10.3-5.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-libs-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-libs-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-lxml-4.4.1-6.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-lxml-4.4.1-6.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-markupsafe-1.1.1-6.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-markupsafe-1.1.1-6.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-mod_wsgi-4.6.8-3.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-mod_wsgi-4.6.8-3.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-more-itertools-7.2.0-5.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-1.17.3-6.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-1.17.3-6.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-doc-1.17.3-6.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-f2py-1.17.3-6.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-numpy-f2py-1.17.3-6.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-packaging-19.2-3.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-19.3.1-4.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pip-wheel-19.3.1-4.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pluggy-0.13.0-3.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-ply-3.11-10.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psutil-5.6.4-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psutil-5.6.4-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-2.8.4-4.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-2.8.4-4.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-doc-2.8.4-4.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-doc-2.8.4-4.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-tests-2.8.4-4.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-psycopg2-tests-2.8.4-4.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-py-1.8.0-8.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pycparser-2.19-3.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-PyMySQL-0.10.1-1.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyparsing-2.4.5-3.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pysocks-1.7.1-4.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytest-4.6.6-3.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pytz-2019.3-3.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyyaml-5.4.1-1.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-pyyaml-5.4.1-1.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-requests-2.22.0-9.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-rpm-macros-3.8.8-4.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-scipy-1.3.1-4.module+el8.4.0+20068+32a535e2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-scipy-1.3.1-4.module+el8.4.0+20068+32a535e2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-41.6.0-5.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-setuptools-wheel-41.6.0-5.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-six-1.12.0-10.module+el8.4.0+20068+32a535e2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-test-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-test-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-tkinter-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-tkinter-3.8.8-4.module+el8.5.0+20371+4f24d723', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-urllib3-1.25.7-5.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wcwidth-0.1.7-16.module+el8.2.0+5579+085cd3bd', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-0.33.6-6.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python38-wheel-wheel-0.33.6-6.module+el8.5.0+20371+4f24d723', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python38:3.8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python38 / python38-Cython / python38-PyMySQL / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:39", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4151 advisory.\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python-pygments: ReDoS in multiple lexers (CVE-2021-27291)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "CentOS 8 : python27:2.7 (CESA-2021:4151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-20270", "CVE-2021-23336", "CVE-2021-27291", "CVE-2021-28957", "CVE-2021-42771"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:babel", "p-cpe:/a:centos:centos:python-nose-docs", "p-cpe:/a:centos:centos:python-psycopg2-doc", "p-cpe:/a:centos:centos:python-sqlalchemy-doc", "p-cpe:/a:centos:centos:python2", "p-cpe:/a:centos:centos:python2-cython", "p-cpe:/a:centos:centos:python2-pymysql", "p-cpe:/a:centos:centos:python2-attrs", "p-cpe:/a:centos:centos:python2-babel", "p-cpe:/a:centos:centos:python2-backports", "p-cpe:/a:centos:centos:python2-backports-ssl_match_hostname", "p-cpe:/a:centos:centos:python2-bson", "p-cpe:/a:centos:centos:python2-chardet", "p-cpe:/a:centos:centos:python2-coverage", "p-cpe:/a:centos:centos:python2-debug", "p-cpe:/a:centos:centos:python2-devel", "p-cpe:/a:centos:centos:python2-dns", "p-cpe:/a:centos:centos:python2-docs", "p-cpe:/a:centos:centos:python2-docs-info", "p-cpe:/a:centos:centos:python2-docutils", "p-cpe:/a:centos:centos:python2-funcsigs", "p-cpe:/a:centos:centos:python2-idna", "p-cpe:/a:centos:centos:python2-ipaddress", "p-cpe:/a:centos:centos:python2-jinja2", "p-cpe:/a:centos:centos:python2-libs", "p-cpe:/a:centos:centos:python2-lxml", "p-cpe:/a:centos:centos:python2-markupsafe", "p-cpe:/a:centos:centos:python2-mock", "p-cpe:/a:centos:centos:python2-nose", "p-cpe:/a:centos:centos:python2-numpy", "p-cpe:/a:centos:centos:python2-numpy-doc", "p-cpe:/a:centos:centos:python2-numpy-f2py", "p-cpe:/a:centos:centos:python2-pip", "p-cpe:/a:centos:centos:python2-pip-wheel", "p-cpe:/a:centos:centos:python2-pluggy", "p-cpe:/a:centos:centos:python2-psycopg2", "p-cpe:/a:centos:centos:python2-psycopg2-debug", "p-cpe:/a:centos:centos:python2-psycopg2-tests", "p-cpe:/a:centos:centos:python2-py", "p-cpe:/a:centos:centos:python2-pygments", "p-cpe:/a:centos:centos:python2-pymongo", "p-cpe:/a:centos:centos:python2-pymongo-gridfs", "p-cpe:/a:centos:centos:python2-pysocks", "p-cpe:/a:centos:centos:python2-pytest", "p-cpe:/a:centos:centos:python2-pytest-mock", "p-cpe:/a:centos:centos:python2-pytz", "p-cpe:/a:centos:centos:python2-pyyaml", "p-cpe:/a:centos:centos:python2-requests", "p-cpe:/a:centos:centos:python2-rpm-macros", "p-cpe:/a:centos:centos:python2-scipy", "p-cpe:/a:centos:centos:python2-setuptools", "p-cpe:/a:centos:centos:python2-setuptools-wheel", "p-cpe:/a:centos:centos:python2-setuptools_scm", "p-cpe:/a:centos:centos:python2-six", "p-cpe:/a:centos:centos:python2-sqlalchemy", "p-cpe:/a:centos:centos:python2-test", "p-cpe:/a:centos:centos:python2-tkinter", "p-cpe:/a:centos:centos:python2-tools", "p-cpe:/a:centos:centos:python2-urllib3", "p-cpe:/a:centos:centos:python2-virtualenv", "p-cpe:/a:centos:centos:python2-wheel", "p-cpe:/a:centos:centos:python2-wheel-wheel"], "id": "CENTOS8_RHSA-2021-4151.NASL", "href": "https://www.tenable.com/plugins/nessus/155049", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:4151. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155049);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2020-27619\",\n \"CVE-2020-28493\",\n \"CVE-2021-20095\",\n \"CVE-2021-20270\",\n \"CVE-2021-23336\",\n \"CVE-2021-27291\",\n \"CVE-2021-28957\",\n \"CVE-2021-42771\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4151\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n\n script_name(english:\"CentOS 8 : python27:2.7 (CESA-2021:4151)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:4151 advisory.\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python-pygments: ReDoS in multiple lexers (CVE-2021-27291)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4151\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27619\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-nose-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-sqlalchemy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-backports\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-backports-ssl_match_hostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-coverage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-dns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-docs-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-docutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-funcsigs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-ipaddress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-nose\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-psycopg2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pygments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pymongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pymongo-gridfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pytest-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-setuptools_scm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-sqlalchemy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python2-wheel-wheel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'babel-2.5.1-10.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'babel-2.5.1-10.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nose-docs-1.3.7-31.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nose-docs-1.3.7-31.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-sqlalchemy-doc-1.3.2-2.module_el8.3.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-sqlalchemy-doc-1.3.2-2.module_el8.3.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.18-7.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.18-7.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-attrs-17.4.0-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-attrs-17.4.0-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-babel-2.5.1-10.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-babel-2.5.1-10.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-16.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-16.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-12.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-12.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.7.0-1.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.7.0-1.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-chardet-3.0.4-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-chardet-3.0.4-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.18-7.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.18-7.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.18-7.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.18-7.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-dns-1.15.0-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-dns-1.15.0-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-2.7.16-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-2.7.16-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-info-2.7.16-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-info-2.7.16-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docutils-0.14-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docutils-0.14-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-funcsigs-1.0.2-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-funcsigs-1.0.2-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-idna-2.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-idna-2.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-ipaddress-1.0.18-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-ipaddress-1.0.18-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-jinja2-2.10-9.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-jinja2-2.10-9.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.18-7.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.18-7.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-5.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-5.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-mock-2.0.0-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-mock-2.0.0-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-nose-1.3.7-31.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-nose-1.3.7-31.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-1.14.2-16.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-1.14.2-16.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-doc-1.14.2-16.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-doc-1.14.2-16.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-f2py-1.14.2-16.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-f2py-1.14.2-16.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-9.0.3-18.module_el8.3.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-9.0.3-18.module_el8.3.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-wheel-9.0.3-18.module_el8.3.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-wheel-9.0.3-18.module_el8.3.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pluggy-0.6.0-8.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pluggy-0.6.0-8.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-py-1.5.3-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-py-1.5.3-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pygments-2.2.0-22.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pygments-2.2.0-22.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.7.0-1.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.7.0-1.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.7.0-1.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.7.0-1.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-PyMySQL-0.8.0-10.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-PyMySQL-0.8.0-10.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pysocks-1.6.8-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pysocks-1.6.8-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-3.4.2-13.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-3.4.2-13.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-mock-1.9.0-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-mock-1.9.0-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytz-2017.2-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytz-2017.2-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-requests-2.20.0-3.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-requests-2.20.0-3.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-rpm-macros-3-38.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-rpm-macros-3-38.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-21.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-21.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-39.0.1-13.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-39.0.1-13.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-wheel-39.0.1-13.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-wheel-39.0.1-13.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools_scm-1.15.7-6.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools_scm-1.15.7-6.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-six-1.11.0-6.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-six-1.11.0-6.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-2.module_el8.3.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-2.module_el8.3.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.18-7.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.18-7.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.18-7.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.18-7.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.18-7.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.18-7.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-urllib3-1.24.2-3.module_el8.4.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-urllib3-1.24.2-3.module_el8.4.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-virtualenv-15.1.0-21.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-virtualenv-15.1.0-21.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-wheel-0.31.1-3.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-0.31.1-3.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-3.module_el8.5.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-3.module_el8.5.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'babel / python-nose-docs / python-psycopg2-doc / python-sqlalchemy-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:26:28", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4151 advisory.\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python-pygments: ReDoS in multiple lexers (CVE-2021-27291)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : python27:2.7 (RHSA-2021:4151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-20270", "CVE-2021-23336", "CVE-2021-27291", "CVE-2021-28957", "CVE-2021-42771"], "modified": "2023-05-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python2-test", "p-cpe:/a:redhat:enterprise_linux:python2-tkinter", "p-cpe:/a:redhat:enterprise_linux:python2-tools", "p-cpe:/a:redhat:enterprise_linux:python2-urllib3", "p-cpe:/a:redhat:enterprise_linux:python2-virtualenv", "p-cpe:/a:redhat:enterprise_linux:python2-wheel", "p-cpe:/a:redhat:enterprise_linux:python2-wheel-wheel", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:babel", "p-cpe:/a:redhat:enterprise_linux:python-nose-docs", "p-cpe:/a:redhat:enterprise_linux:python-psycopg2-doc", "p-cpe:/a:redhat:enterprise_linux:python-sqlalchemy-doc", "p-cpe:/a:redhat:enterprise_linux:python2", "p-cpe:/a:redhat:enterprise_linux:python2-cython", "p-cpe:/a:redhat:enterprise_linux:python2-pymysql", "p-cpe:/a:redhat:enterprise_linux:python2-attrs", "p-cpe:/a:redhat:enterprise_linux:python2-babel", "p-cpe:/a:redhat:enterprise_linux:python2-backports", "p-cpe:/a:redhat:enterprise_linux:python2-backports-ssl_match_hostname", "p-cpe:/a:redhat:enterprise_linux:python2-bson", "p-cpe:/a:redhat:enterprise_linux:python2-chardet", "p-cpe:/a:redhat:enterprise_linux:python2-coverage", "p-cpe:/a:redhat:enterprise_linux:python2-debug", "p-cpe:/a:redhat:enterprise_linux:python2-devel", "p-cpe:/a:redhat:enterprise_linux:python2-dns", "p-cpe:/a:redhat:enterprise_linux:python2-docs", "p-cpe:/a:redhat:enterprise_linux:python2-docs-info", "p-cpe:/a:redhat:enterprise_linux:python2-docutils", "p-cpe:/a:redhat:enterprise_linux:python2-funcsigs", "p-cpe:/a:redhat:enterprise_linux:python2-idna", "p-cpe:/a:redhat:enterprise_linux:python2-ipaddress", "p-cpe:/a:redhat:enterprise_linux:python2-jinja2", "p-cpe:/a:redhat:enterprise_linux:python2-libs", "p-cpe:/a:redhat:enterprise_linux:python2-lxml", "p-cpe:/a:redhat:enterprise_linux:python2-markupsafe", "p-cpe:/a:redhat:enterprise_linux:python2-mock", "p-cpe:/a:redhat:enterprise_linux:python2-nose", "p-cpe:/a:redhat:enterprise_linux:python2-numpy", "p-cpe:/a:redhat:enterprise_linux:python2-numpy-doc", "p-cpe:/a:redhat:enterprise_linux:python2-numpy-f2py", "p-cpe:/a:redhat:enterprise_linux:python2-pip", "p-cpe:/a:redhat:enterprise_linux:python2-pip-wheel", "p-cpe:/a:redhat:enterprise_linux:python2-pluggy", "p-cpe:/a:redhat:enterprise_linux:python2-psycopg2", "p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-debug", "p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-tests", "p-cpe:/a:redhat:enterprise_linux:python2-py", "p-cpe:/a:redhat:enterprise_linux:python2-pygments", "p-cpe:/a:redhat:enterprise_linux:python2-pymongo", "p-cpe:/a:redhat:enterprise_linux:python2-pymongo-gridfs", "p-cpe:/a:redhat:enterprise_linux:python2-pysocks", "p-cpe:/a:redhat:enterprise_linux:python2-pytest", "p-cpe:/a:redhat:enterprise_linux:python2-pytest-mock", "p-cpe:/a:redhat:enterprise_linux:python2-pytz", "p-cpe:/a:redhat:enterprise_linux:python2-pyyaml", "p-cpe:/a:redhat:enterprise_linux:python2-requests", "p-cpe:/a:redhat:enterprise_linux:python2-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:python2-scipy", "p-cpe:/a:redhat:enterprise_linux:python2-setuptools", "p-cpe:/a:redhat:enterprise_linux:python2-setuptools-wheel", "p-cpe:/a:redhat:enterprise_linux:python2-setuptools_scm", "p-cpe:/a:redhat:enterprise_linux:python2-six", "p-cpe:/a:redhat:enterprise_linux:python2-sqlalchemy"], "id": "REDHAT-RHSA-2021-4151.NASL", "href": "https://www.tenable.com/plugins/nessus/155151", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4151. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155151);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2020-27619\",\n \"CVE-2020-28493\",\n \"CVE-2021-20095\",\n \"CVE-2021-20270\",\n \"CVE-2021-23336\",\n \"CVE-2021-27291\",\n \"CVE-2021-28957\",\n \"CVE-2021-42771\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n script_xref(name:\"RHSA\", value:\"2021:4151\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n\n script_name(english:\"RHEL 8 : python27:2.7 (RHSA-2021:4151)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4151 advisory.\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python-pygments: ReDoS in multiple lexers (CVE-2021-27291)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20270\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-27291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-28957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-42771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4151\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1922136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1940603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1941534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1955615\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27619\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 22, 79, 95, 400, 444, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-nose-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-sqlalchemy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-backports\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-backports-ssl_match_hostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-coverage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-dns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-docs-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-docutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-funcsigs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-ipaddress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-nose\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pygments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pymongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pymongo-gridfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pytest-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-setuptools_scm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-sqlalchemy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-wheel-wheel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'python27:2.7': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'babel-2.5.1-10.module+el8.5.0+11014+88fc0d0b', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nose-docs-1.3.7-31.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-sqlalchemy-doc-1.3.2-2.module+el8.3.0+6647+8d010749', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.18-7.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-babel-2.5.1-10.module+el8.5.0+11014+88fc0d0b', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-16.module+el8.4.0+9193+f3daf6ef', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-12.module+el8.4.0+9193+f3daf6ef', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.7.0-1.module+el8.5.0+10264+e5753a40', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.18-7.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.18-7.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-info-2.7.16-2.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-idna-2.5-7.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-jinja2-2.10-9.module+el8.5.0+10541+706bb066', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.18-7.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-5.module+el8.5.0+10534+22332931', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-nose-1.3.7-31.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-1.14.2-16.module+el8.4.0+9406+221a4565', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-doc-1.14.2-16.module+el8.4.0+9406+221a4565', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-f2py-1.14.2-16.module+el8.4.0+9406+221a4565', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-pip-9.0.3-18.module+el8.3.0+7707+eb4bba01', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-wheel-9.0.3-18.module+el8.3.0+7707+eb4bba01', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pygments-2.2.0-22.module+el8.5.0+10788+a4cea9e0', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.7.0-1.module+el8.5.0+10264+e5753a40', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+10264+e5753a40', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-requests-2.20.0-3.module+el8.2.0+4577+feefd9b8', 'sp':'6', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-21.module+el8.5.0+10858+05337455', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-39.0.1-13.module+el8.4.0+9442+27d0e81c', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-wheel-39.0.1-13.module+el8.4.0+9442+27d0e81c', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e', 'sp':'6', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-six-1.11.0-6.module+el8.4.0+9287+299307c7', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-2.module+el8.3.0+6647+8d010749', 'sp':'6', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.18-7.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.18-7.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.18-7.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-virtualenv-15.1.0-21.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-wheel-0.31.1-3.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-3.module+el8.5.0+12203+77770ab7', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'babel-2.5.1-10.module+el8.5.0+11014+88fc0d0b', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nose-docs-1.3.7-31.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-sqlalchemy-doc-1.3.2-2.module+el8.3.0+6647+8d010749', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.18-7.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-babel-2.5.1-10.module+el8.5.0+11014+88fc0d0b', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-16.module+el8.4.0+9193+f3daf6ef', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-12.module+el8.4.0+9193+f3daf6ef', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.7.0-1.module+el8.5.0+10264+e5753a40', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.18-7.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.18-7.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-info-2.7.16-2.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-idna-2.5-7.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-jinja2-2.10-9.module+el8.5.0+10541+706bb066', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.18-7.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-5.module+el8.5.0+10534+22332931', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-nose-1.3.7-31.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-1.14.2-16.module+el8.4.0+9406+221a4565', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-doc-1.14.2-16.module+el8.4.0+9406+221a4565', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-f2py-1.14.2-16.module+el8.4.0+9406+221a4565', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-pip-9.0.3-18.module+el8.3.0+7707+eb4bba01', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-wheel-9.0.3-18.module+el8.3.0+7707+eb4bba01', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pygments-2.2.0-22.module+el8.5.0+10788+a4cea9e0', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.7.0-1.module+el8.5.0+10264+e5753a40', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+10264+e5753a40', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-requests-2.20.0-3.module+el8.2.0+4577+feefd9b8', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-21.module+el8.5.0+10858+05337455', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-39.0.1-13.module+el8.4.0+9442+27d0e81c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-wheel-39.0.1-13.module+el8.4.0+9442+27d0e81c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e', 'release':'8', 'el_string':'el8.1.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-six-1.11.0-6.module+el8.4.0+9287+299307c7', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-2.module+el8.3.0+6647+8d010749', 'release':'8', 'el_string':'el8.3.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.18-7.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.18-7.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.18-7.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-virtualenv-15.1.0-21.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-wheel-0.31.1-3.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-3.module+el8.5.0+12203+77770ab7', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/python27');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\nif ('2.7' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python27:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'babel / python-nose-docs / python-psycopg2-doc / python-sqlalchemy-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:17:51", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4151 advisory.\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. (CVE-2020-27619)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-20095)\n\n - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the exception keyword. (CVE-2021-20270)\n\n - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service.\n (CVE-2021-27291)\n\n - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.\n (CVE-2021-28957)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\n - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory. (CVE-2020-28493)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-10T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : python27:2.7 (ELSA-2021-4151)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-20270", "CVE-2021-23336", "CVE-2021-27291", "CVE-2021-28957", "CVE-2021-42771"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:babel", "p-cpe:/a:oracle:linux:python-nose-docs", "p-cpe:/a:oracle:linux:python-psycopg2-doc", "p-cpe:/a:oracle:linux:python-sqlalchemy-doc", "p-cpe:/a:oracle:linux:python2", "p-cpe:/a:oracle:linux:python2-cython", "p-cpe:/a:oracle:linux:python2-pymysql", "p-cpe:/a:oracle:linux:python2-attrs", "p-cpe:/a:oracle:linux:python2-babel", "p-cpe:/a:oracle:linux:python2-backports", "p-cpe:/a:oracle:linux:python2-backports-ssl_match_hostname", "p-cpe:/a:oracle:linux:python2-bson", "p-cpe:/a:oracle:linux:python2-chardet", "p-cpe:/a:oracle:linux:python2-coverage", "p-cpe:/a:oracle:linux:python2-debug", "p-cpe:/a:oracle:linux:python2-devel", "p-cpe:/a:oracle:linux:python2-dns", "p-cpe:/a:oracle:linux:python2-docs", "p-cpe:/a:oracle:linux:python2-docs-info", "p-cpe:/a:oracle:linux:python2-docutils", "p-cpe:/a:oracle:linux:python2-funcsigs", "p-cpe:/a:oracle:linux:python2-idna", "p-cpe:/a:oracle:linux:python2-ipaddress", "p-cpe:/a:oracle:linux:python2-jinja2", "p-cpe:/a:oracle:linux:python2-libs", "p-cpe:/a:oracle:linux:python2-lxml", "p-cpe:/a:oracle:linux:python2-markupsafe", "p-cpe:/a:oracle:linux:python2-mock", "p-cpe:/a:oracle:linux:python2-nose", "p-cpe:/a:oracle:linux:python2-numpy", "p-cpe:/a:oracle:linux:python2-numpy-doc", "p-cpe:/a:oracle:linux:python2-numpy-f2py", "p-cpe:/a:oracle:linux:python2-pip", "p-cpe:/a:oracle:linux:python2-pip-wheel", "p-cpe:/a:oracle:linux:python2-pluggy", "p-cpe:/a:oracle:linux:python2-psycopg2", "p-cpe:/a:oracle:linux:python2-psycopg2-debug", "p-cpe:/a:oracle:linux:python2-psycopg2-tests", "p-cpe:/a:oracle:linux:python2-py", "p-cpe:/a:oracle:linux:python2-pygments", "p-cpe:/a:oracle:linux:python2-pymongo", "p-cpe:/a:oracle:linux:python2-pymongo-gridfs", "p-cpe:/a:oracle:linux:python2-pysocks", "p-cpe:/a:oracle:linux:python2-pytest", "p-cpe:/a:oracle:linux:python2-pytest-mock", "p-cpe:/a:oracle:linux:python2-pytz", "p-cpe:/a:oracle:linux:python2-pyyaml", "p-cpe:/a:oracle:linux:python2-requests", "p-cpe:/a:oracle:linux:python2-rpm-macros", "p-cpe:/a:oracle:linux:python2-scipy", "p-cpe:/a:oracle:linux:python2-setuptools", "p-cpe:/a:oracle:linux:python2-setuptools-wheel", "p-cpe:/a:oracle:linux:python2-setuptools_scm", "p-cpe:/a:oracle:linux:python2-six", "p-cpe:/a:oracle:linux:python2-sqlalchemy", "p-cpe:/a:oracle:linux:python2-test", "p-cpe:/a:oracle:linux:python2-tkinter", "p-cpe:/a:oracle:linux:python2-tools", "p-cpe:/a:oracle:linux:python2-urllib3", "p-cpe:/a:oracle:linux:python2-virtualenv", "p-cpe:/a:oracle:linux:python2-wheel", "p-cpe:/a:oracle:linux:python2-wheel-wheel"], "id": "ORACLELINUX_ELSA-2021-4151.NASL", "href": "https://www.tenable.com/plugins/nessus/155987", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-4151.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155987);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2020-27619\",\n \"CVE-2020-28493\",\n \"CVE-2021-20095\",\n \"CVE-2021-20270\",\n \"CVE-2021-23336\",\n \"CVE-2021-27291\",\n \"CVE-2021-28957\",\n \"CVE-2021-42771\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n\n script_name(english:\"Oracle Linux 8 : python27:2.7 (ELSA-2021-4151)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-4151 advisory.\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content\n retrieved via HTTP. (CVE-2020-27619)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-20095)\n\n - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when\n performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only\n contains the exception keyword. (CVE-2021-20270)\n\n - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular\n expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are\n vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service.\n (CVE-2021-27291)\n\n - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling\n the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute\n allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS\n code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.\n (CVE-2021-28957)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing\n serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\n - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the\n `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most\n exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to format\n user content instead of the urlize filter, or by implementing request timeouts and limiting process\n memory. (CVE-2020-28493)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-4151.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-27619\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-nose-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-sqlalchemy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-backports\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-backports-ssl_match_hostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-coverage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-dns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-docs-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-docutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-funcsigs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-ipaddress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-nose\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-psycopg2-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pygments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pymongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pymongo-gridfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pytest-mock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-setuptools_scm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-sqlalchemy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-virtualenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python2-wheel-wheel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/python27');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\nif ('2.7' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python27:' + module_ver);\n\nvar appstreams = {\n 'python27:2.7': [\n {'reference':'babel-2.5.1-10.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-nose-docs-1.3.7-31.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-psycopg2-doc-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-sqlalchemy-doc-1.3.2-2.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-attrs-17.4.0-10.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-babel-2.5.1-10.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-16.module+el8.4.0+20050+79c7b4ee', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-1.0-16.module+el8.4.0+20050+79c7b4ee', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-backports-ssl_match_hostname-3.5.0.1-12.module+el8.4.0+20050+79c7b4ee', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.7.0-1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-bson-3.7.0-1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-chardet-3.0.4-10.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-coverage-4.5.1-4.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-Cython-0.28.1-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-debug-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-devel-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-dns-1.15.0-10.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-2.7.16-2.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docs-info-2.7.16-2.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-docutils-0.14-12.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-funcsigs-1.0.2-13.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-idna-2.5-7.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-ipaddress-1.0.18-6.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-jinja2-2.10-9.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-libs-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-5.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-lxml-4.2.3-5.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-markupsafe-0.23-19.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-mock-2.0.0-13.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-nose-1.3.7-31.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-numpy-1.14.2-16.module+el8.4.0+20050+79c7b4ee', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-1.14.2-16.module+el8.4.0+20050+79c7b4ee', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-doc-1.14.2-16.module+el8.4.0+20050+79c7b4ee', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-f2py-1.14.2-16.module+el8.4.0+20050+79c7b4ee', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-numpy-f2py-1.14.2-16.module+el8.4.0+20050+79c7b4ee', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-pip-9.0.3-18.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pip-wheel-9.0.3-18.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pluggy-0.6.0-8.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-debug-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-psycopg2-tests-2.7.5-7.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-py-1.5.3-6.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pygments-2.2.0-22.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.7.0-1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-3.7.0-1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-PyMySQL-0.8.0-10.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pysocks-1.6.8-6.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-3.4.2-13.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytest-mock-1.9.0-4.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pytz-2017.2-12.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-pyyaml-3.12-16.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-requests-2.20.0-3.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-rpm-macros-3-38.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-21.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-scipy-1.0.0-21.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-39.0.1-13.module+el8.4.0+20050+79c7b4ee', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools-wheel-39.0.1-13.module+el8.4.0+20050+79c7b4ee', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-setuptools_scm-1.15.7-6.module+el8.3.0+7833+4aaf98ce', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-six-1.11.0-6.module+el8.4.0+20050+79c7b4ee', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-2.module+el8.3.0+7833+4aaf98ce', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-sqlalchemy-1.3.2-2.module+el8.3.0+7833+4aaf98ce', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-test-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tkinter-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-tools-2.7.18-7.0.1.module+el8.5.0+20361+8a9d3d27', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-urllib3-1.24.2-3.module+el8.4.0+20050+79c7b4ee', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-virtualenv-15.1.0-21.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python2-wheel-0.31.1-3.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python2-wheel-wheel-0.31.1-3.module+el8.5.0+20361+8a9d3d27', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python27:2.7');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'babel / python-nose-docs / python-psycopg2-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:30:23", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3254 advisory.\n\n - python-cryptography: Bleichenbacher timing oracle attack against RSA decryption (CVE-2020-25659)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-lxml: mXSS due to the use of improper parser (CVE-2020-27783)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow (CVE-2020-36242)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - python: ftplib should not use the host from the PASV response (CVE-2021-4189)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\n - python: urllib.parse does not sanitize URLs containing ASCII newline and tabs (CVE-2022-0391)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-08-24T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-python38 (RHSA-2021:3254)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-25659", "CVE-2020-27619", "CVE-2020-27783", "CVE-2020-28493", "CVE-2020-36242", "CVE-2021-20095", "CVE-2021-23336", "CVE-2021-28957", "CVE-2021-29921", "CVE-2021-3177", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-3733", "CVE-2021-4189", "CVE-2021-42771", "CVE-2022-0391"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-babel", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-cryptography", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-debug", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-devel", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-idle", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-jinja2", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-libs", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-lxml", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-pip", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-pip-wheel", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-srpm-macros", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-test", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-tkinter", "p-cpe:/a:redhat:enterprise_linux:rh-python38-python-urllib3"], "id": "REDHAT-RHSA-2021-3254.NASL", "href": "https://www.tenable.com/plugins/nessus/152781", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3254. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152781);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2020-25659\",\n \"CVE-2020-27619\",\n \"CVE-2020-27783\",\n \"CVE-2020-28493\",\n \"CVE-2020-36242\",\n \"CVE-2021-3177\",\n \"CVE-2021-3426\",\n \"CVE-2021-3572\",\n \"CVE-2021-20095\",\n \"CVE-2021-23336\",\n \"CVE-2021-28957\",\n \"CVE-2021-29921\",\n \"CVE-2021-33503\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3254\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n\n script_name(english:\"RHEL 7 : rh-python38 (RHSA-2021:3254)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3254 advisory.\n\n - python-cryptography: Bleichenbacher timing oracle attack against RSA decryption (CVE-2020-25659)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-lxml: mXSS due to the use of improper parser (CVE-2020-27783)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer\n overflow (CVE-2020-36242)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - python: ftplib should not use the host from the PASV response (CVE-2021-4189)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\n - python: urllib.parse does not sanitize URLs containing ASCII newline and tabs (CVE-2022-0391)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25659\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27783\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-36242\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3177\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3426\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-28957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29921\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33503\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-42771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0391\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1918168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1926226\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1935913\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1941534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1955615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1957458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1962856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1968074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1995234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2036020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2047376\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3177\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 22, 74, 79, 95, 119, 120, 190, 200, 385, 400, 444, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-srpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-python38-python-urllib3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-python38-python-3.8.11-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-3.8.11-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-3.8.11-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-babel-2.7.0-12.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-cryptography-2.8-5.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-cryptography-2.8-5.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-cryptography-2.8-5.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-debug-3.8.11-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-debug-3.8.11-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-debug-3.8.11-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-devel-3.8.11-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-devel-3.8.11-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-devel-3.8.11-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-idle-3.8.11-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-idle-3.8.11-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-idle-3.8.11-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-jinja2-2.10.3-6.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-libs-3.8.11-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-libs-3.8.11-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-libs-3.8.11-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-lxml-4.4.1-7.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-lxml-4.4.1-7.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-lxml-4.4.1-7.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-pip-19.3.1-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-pip-wheel-19.3.1-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-rpm-macros-3.8.11-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-srpm-macros-3.8.11-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-test-3.8.11-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-test-3.8.11-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-test-3.8.11-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-tkinter-3.8.11-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-tkinter-3.8.11-2.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-tkinter-3.8.11-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-python38-python-urllib3-1.25.7-7.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-python38-python / rh-python38-python-babel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:26:29", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4160 advisory.\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. (CVE-2021-3737)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2021:4160)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-3733", "CVE-2021-3737"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:python39", "p-cpe:/a:redhat:enterprise_linux:python39-cython", "p-cpe:/a:redhat:enterprise_linux:python39-pymysql", "p-cpe:/a:redhat:enterprise_linux:python39-attrs", "p-cpe:/a:redhat:enterprise_linux:python39-cffi", "p-cpe:/a:redhat:enterprise_linux:python39-chardet", "p-cpe:/a:redhat:enterprise_linux:python39-cryptography", "p-cpe:/a:redhat:enterprise_linux:python39-debug", "p-cpe:/a:redhat:enterprise_linux:python39-devel", "p-cpe:/a:redhat:enterprise_linux:python39-idle", "p-cpe:/a:redhat:enterprise_linux:python39-idna", "p-cpe:/a:redhat:enterprise_linux:python39-iniconfig", "p-cpe:/a:redhat:enterprise_linux:python39-libs", "p-cpe:/a:redhat:enterprise_linux:python39-lxml", "p-cpe:/a:redhat:enterprise_linux:python39-mod_wsgi", "p-cpe:/a:redhat:enterprise_linux:python39-more-itertools", "p-cpe:/a:redhat:enterprise_linux:python39-numpy", "p-cpe:/a:redhat:enterprise_linux:python39-numpy-doc", "p-cpe:/a:redhat:enterprise_linux:python39-numpy-f2py", "p-cpe:/a:redhat:enterprise_linux:python39-packaging", "p-cpe:/a:redhat:enterprise_linux:python39-pip", "p-cpe:/a:redhat:enterprise_linux:python39-pip-wheel", "p-cpe:/a:redhat:enterprise_linux:python39-pluggy", "p-cpe:/a:redhat:enterprise_linux:python39-ply", "p-cpe:/a:redhat:enterprise_linux:python39-psutil", "p-cpe:/a:redhat:enterprise_linux:python39-psycopg2", "p-cpe:/a:redhat:enterprise_linux:python39-psycopg2-doc", "p-cpe:/a:redhat:enterprise_linux:python39-psycopg2-tests", "p-cpe:/a:redhat:enterprise_linux:python39-py", "p-cpe:/a:redhat:enterprise_linux:python39-pybind11", "p-cpe:/a:redhat:enterprise_linux:python39-pybind11-devel", "p-cpe:/a:redhat:enterprise_linux:python39-pycparser", "p-cpe:/a:redhat:enterprise_linux:python39-pyparsing", "p-cpe:/a:redhat:enterprise_linux:python39-pysocks", "p-cpe:/a:redhat:enterprise_linux:python39-pytest", "p-cpe:/a:redhat:enterprise_linux:python39-pyyaml", "p-cpe:/a:redhat:enterprise_linux:python39-requests", "p-cpe:/a:redhat:enterprise_linux:python39-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:python39-scipy", "p-cpe:/a:redhat:enterprise_linux:python39-setuptools", "p-cpe:/a:redhat:enterprise_linux:python39-setuptools-wheel", "p-cpe:/a:redhat:enterprise_linux:python39-six", "p-cpe:/a:redhat:enterprise_linux:python39-test", "p-cpe:/a:redhat:enterprise_linux:python39-tkinter", "p-cpe:/a:redhat:enterprise_linux:python39-toml", "p-cpe:/a:redhat:enterprise_linux:python39-urllib3", "p-cpe:/a:redhat:enterprise_linux:python39-wcwidth", "p-cpe:/a:redhat:enterprise_linux:python39-wheel", "p-cpe:/a:redhat:enterprise_linux:python39-wheel-wheel"], "id": "REDHAT-RHSA-2021-4160.NASL", "href": "https://www.tenable.com/plugins/nessus/155200", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4160. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155200);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2021-3426\",\n \"CVE-2021-3572\",\n \"CVE-2021-3733\",\n \"CVE-2021-3737\",\n \"CVE-2021-28957\",\n \"CVE-2021-29921\",\n \"CVE-2021-33503\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4160\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0497-S\");\n\n script_name(english:\"RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2021:4160)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4160 advisory.\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may\n allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop,\n consuming CPU time. The highest threat from this vulnerability is to system availability. (CVE-2021-3737)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3426\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-28957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-29921\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-33503\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1935913\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1941534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1957458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1962856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1968074\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1995234\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 79, 200, 400, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-cffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-iniconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-more-itertools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-ply\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-psutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pybind11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pybind11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pycparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pyparsing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-toml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-wcwidth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python39-wheel-wheel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'python39:3.9': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python39-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-chardet-3.0.4-19.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-devel-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idle-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idna-2.10-3.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-libs-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-lxml-4.6.2-3.module+el8.5.0+10536+a233b742', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-mod_wsgi-4.7.1-4.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-1.19.4-3.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-doc-1.19.4-3.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-f2py-1.19.4-3.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-20.2.4-6.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-wheel-20.2.4-6.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-ply-3.11-10.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-doc-2.8.6-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-tests-2.8.6-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pycparser-2.20-3.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-PyMySQL-0.10.1-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pysocks-1.7.1-4.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyyaml-5.4.1-1.module+el8.5.0+10613+59a13ec4', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-requests-2.25.0-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-rpm-macros-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-scipy-1.5.4-3.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-50.3.2-4.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-wheel-50.3.2-4.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-six-1.15.0-3.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-test-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-tkinter-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-toml-0.10.1-5.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wheel-0.35.1-4.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python39-wheel-wheel-0.35.1-4.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python39-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-chardet-3.0.4-19.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-devel-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idle-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idna-2.10-3.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-libs-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-lxml-4.6.2-3.module+el8.5.0+10536+a233b742', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-mod_wsgi-4.7.1-4.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-1.19.4-3.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-doc-1.19.4-3.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-f2py-1.19.4-3.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-20.2.4-6.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-wheel-20.2.4-6.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-ply-3.11-10.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-doc-2.8.6-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-tests-2.8.6-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pycparser-2.20-3.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-PyMySQL-0.10.1-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pysocks-1.7.1-4.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyyaml-5.4.1-1.module+el8.5.0+10613+59a13ec4', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-requests-2.25.0-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-rpm-macros-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-scipy-1.5.4-3.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-50.3.2-4.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-wheel-50.3.2-4.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-six-1.15.0-3.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-test-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-tkinter-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-toml-0.10.1-5.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wheel-0.35.1-4.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python39-wheel-wheel-0.35.1-4.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n ],\n 'python39-devel:3.9': [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python39-attrs-20.3.0-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-Cython-0.29.21-5.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-debug-3.9.6-2.module+el8.5.0+12204+54860423', 'sp':'6', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-iniconfig-1.1.1-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-more-itertools-8.5.0-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-packaging-20.4-4.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pluggy-0.13.1-3.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-py-1.10.0-1.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-2.6.1-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-devel-2.6.1-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyparsing-2.4.7-5.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pytest-6.0.2-2.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wcwidth-0.2.5-3.module+el8.4.0+9822+20bf1249', 'sp':'6', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python39-attrs-20.3.0-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-Cython-0.29.21-5.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-debug-3.9.6-2.module+el8.5.0+12204+54860423', 'release':'8', 'el_string':'el8.5.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-iniconfig-1.1.1-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-more-itertools-8.5.0-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-packaging-20.4-4.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pluggy-0.13.1-3.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-py-1.10.0-1.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-2.6.1-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-devel-2.6.1-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyparsing-2.4.7-5.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pytest-6.0.2-2.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wcwidth-0.2.5-3.module+el8.4.0+9822+20bf1249', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python39-devel:3.9 / python39:3.9');\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python39 / python39-Cython / python39-PyMySQL / python39-attrs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:54", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4160 advisory.\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "CentOS 8 : python39:3.9 and python39-devel:3.9 (CESA-2021:4160)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-3733", "CVE-2021-3737"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:python39", "p-cpe:/a:centos:centos:python39-cython", "p-cpe:/a:centos:centos:python39-pymysql", "p-cpe:/a:centos:centos:python39-attrs", "p-cpe:/a:centos:centos:python39-cffi", "p-cpe:/a:centos:centos:python39-psycopg2-tests", "p-cpe:/a:centos:centos:python39-chardet", "p-cpe:/a:centos:centos:python39-cryptography", "p-cpe:/a:centos:centos:python39-py", "p-cpe:/a:centos:centos:python39-pybind11", "p-cpe:/a:centos:centos:python39-pybind11-devel", "p-cpe:/a:centos:centos:python39-pycparser", "p-cpe:/a:centos:centos:python39-pyparsing", "p-cpe:/a:centos:centos:python39-debug", "p-cpe:/a:centos:centos:python39-pysocks", "p-cpe:/a:centos:centos:python39-pytest", "p-cpe:/a:centos:centos:python39-devel", "p-cpe:/a:centos:centos:python39-pyyaml", "p-cpe:/a:centos:centos:python39-requests", "p-cpe:/a:centos:centos:python39-idle", "p-cpe:/a:centos:centos:python39-rpm-macros", "p-cpe:/a:centos:centos:python39-scipy", "p-cpe:/a:centos:centos:python39-idna", "p-cpe:/a:centos:centos:python39-setuptools", "p-cpe:/a:centos:centos:python39-iniconfig", "p-cpe:/a:centos:centos:python39-setuptools-wheel", "p-cpe:/a:centos:centos:python39-six", "p-cpe:/a:centos:centos:python39-libs", "p-cpe:/a:centos:centos:python39-test", "p-cpe:/a:centos:centos:python39-lxml", "p-cpe:/a:centos:centos:python39-tkinter", "p-cpe:/a:centos:centos:python39-mod_wsgi", "p-cpe:/a:centos:centos:python39-toml", "p-cpe:/a:centos:centos:python39-more-itertools", "p-cpe:/a:centos:centos:python39-urllib3", "p-cpe:/a:centos:centos:python39-wcwidth", "p-cpe:/a:centos:centos:python39-numpy", "p-cpe:/a:centos:centos:python39-wheel", "p-cpe:/a:centos:centos:python39-wheel-wheel", "p-cpe:/a:centos:centos:python39-numpy-doc", "p-cpe:/a:centos:centos:python39-numpy-f2py", "p-cpe:/a:centos:centos:python39-packaging", "p-cpe:/a:centos:centos:python39-pip", "p-cpe:/a:centos:centos:python39-pip-wheel", "p-cpe:/a:centos:centos:python39-pluggy", "p-cpe:/a:centos:centos:python39-ply", "p-cpe:/a:centos:centos:python39-psutil", "p-cpe:/a:centos:centos:python39-psycopg2", "p-cpe:/a:centos:centos:python39-psycopg2-doc"], "id": "CENTOS8_RHSA-2021-4160.NASL", "href": "https://www.tenable.com/plugins/nessus/155040", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:4160. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155040);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2021-3426\",\n \"CVE-2021-3572\",\n \"CVE-2021-3733\",\n \"CVE-2021-3737\",\n \"CVE-2021-28957\",\n \"CVE-2021-29921\",\n \"CVE-2021-33503\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4160\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0497-S\");\n\n script_name(english:\"CentOS 8 : python39:3.9 and python39-devel:3.9 (CESA-2021:4160)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:4160 advisory.\n\n - python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)\n\n - python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)\n\n - python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)\n\n - python: Information disclosure via pydoc (CVE-2021-3426)\n\n - python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4160\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-cffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-iniconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-more-itertools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-ply\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-psutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pybind11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pybind11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pycparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pyparsing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-toml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-wcwidth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python39-wheel-wheel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/python39-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python39-devel:3.9');\nif ('3.9' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python39-devel:' + module_ver);\n\nvar appstreams = {\n 'python39-devel:3.9': [\n {'reference':'python39-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-attrs-20.3.0-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-attrs-20.3.0-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cffi-1.14.3-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cffi-1.14.3-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-chardet-3.0.4-19.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-chardet-3.0.4-19.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cryptography-3.3.1-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cryptography-3.3.1-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-Cython-0.29.21-5.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-Cython-0.29.21-5.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-debug-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-debug-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-devel-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-devel-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idle-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idle-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idna-2.10-3.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idna-2.10-3.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-iniconfig-1.1.1-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-iniconfig-1.1.1-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-libs-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-libs-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-lxml-4.6.2-3.module_el8.5.0+740+addbb4c1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-lxml-4.6.2-3.module_el8.5.0+740+addbb4c1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-mod_wsgi-4.7.1-4.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-mod_wsgi-4.7.1-4.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-more-itertools-8.5.0-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-more-itertools-8.5.0-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-1.19.4-3.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-1.19.4-3.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-doc-1.19.4-3.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-doc-1.19.4-3.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-f2py-1.19.4-3.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-f2py-1.19.4-3.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-packaging-20.4-4.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-packaging-20.4-4.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-20.2.4-6.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-20.2.4-6.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-wheel-20.2.4-6.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-wheel-20.2.4-6.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pluggy-0.13.1-3.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pluggy-0.13.1-3.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-ply-3.11-10.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-ply-3.11-10.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psutil-5.8.0-4.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psutil-5.8.0-4.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-2.8.6-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-2.8.6-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-doc-2.8.6-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-doc-2.8.6-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-tests-2.8.6-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-tests-2.8.6-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-py-1.10.0-1.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-py-1.10.0-1.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-2.6.1-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-2.6.1-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-devel-2.6.1-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-devel-2.6.1-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pycparser-2.20-3.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pycparser-2.20-3.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-PyMySQL-0.10.1-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-PyMySQL-0.10.1-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyparsing-2.4.7-5.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyparsing-2.4.7-5.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pysocks-1.7.1-4.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pysocks-1.7.1-4.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pytest-6.0.2-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pytest-6.0.2-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyyaml-5.4.1-1.module_el8.5.0+759+d10172d4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyyaml-5.4.1-1.module_el8.5.0+759+d10172d4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-requests-2.25.0-2.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-requests-2.25.0-2.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-rpm-macros-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-rpm-macros-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-scipy-1.5.4-3.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-scipy-1.5.4-3.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-50.3.2-4.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-50.3.2-4.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-wheel-50.3.2-4.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-wheel-50.3.2-4.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-six-1.15.0-3.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-six-1.15.0-3.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-test-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-test-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-tkinter-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-tkinter-3.9.6-2.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-toml-0.10.1-5.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-toml-0.10.1-5.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-urllib3-1.25.10-4.module_el8.5.0+859+e98e3670', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-urllib3-1.25.10-4.module_el8.5.0+859+e98e3670', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wcwidth-0.2.5-3.module_el8.4.0+680+7b309a77', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wcwidth-0.2.5-3.module_el8.4.0+680+7b309a77', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wheel-0.35.1-4.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python39-wheel-0.35.1-4.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python39-wheel-wheel-0.35.1-4.module_el8.5.0+897+68c4c210', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python39-wheel-wheel-0.35.1-4.module_el8.5.0+897+68c4c210', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python39-devel:3.9');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python39 / python39-Cython / python39-PyMySQL / python39-attrs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:14", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4160 advisory.\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1. (CVE-2021-3572)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\n - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.\n (CVE-2021-28957)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\n - python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. (CVE-2021-29921)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-10T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2021-4160)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-28957", "CVE-2021-29921", "CVE-2021-33503", "CVE-2021-3426", "CVE-2021-3572", "CVE-2021-3733", "CVE-2021-3737"], "modified": "2022-11-28T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:python39", "p-cpe:/a:oracle:linux:python39-cython", "p-cpe:/a:oracle:linux:python39-pymysql", "p-cpe:/a:oracle:linux:python39-attrs", "p-cpe:/a:oracle:linux:python39-cffi", "p-cpe:/a:oracle:linux:python39-chardet", "p-cpe:/a:oracle:linux:python39-cryptography", "p-cpe:/a:oracle:linux:python39-debug", "p-cpe:/a:oracle:linux:python39-devel", "p-cpe:/a:oracle:linux:python39-idle", "p-cpe:/a:oracle:linux:python39-idna", "p-cpe:/a:oracle:linux:python39-iniconfig", "p-cpe:/a:oracle:linux:python39-libs", "p-cpe:/a:oracle:linux:python39-lxml", "p-cpe:/a:oracle:linux:python39-mod_wsgi", "p-cpe:/a:oracle:linux:python39-more-itertools", "p-cpe:/a:oracle:linux:python39-numpy", "p-cpe:/a:oracle:linux:python39-numpy-doc", "p-cpe:/a:oracle:linux:python39-numpy-f2py", "p-cpe:/a:oracle:linux:python39-packaging", "p-cpe:/a:oracle:linux:python39-pip", "p-cpe:/a:oracle:linux:python39-pip-wheel", "p-cpe:/a:oracle:linux:python39-pluggy", "p-cpe:/a:oracle:linux:python39-ply", "p-cpe:/a:oracle:linux:python39-psutil", "p-cpe:/a:oracle:linux:python39-psycopg2", "p-cpe:/a:oracle:linux:python39-psycopg2-doc", "p-cpe:/a:oracle:linux:python39-psycopg2-tests", "p-cpe:/a:oracle:linux:python39-py", "p-cpe:/a:oracle:linux:python39-pybind11", "p-cpe:/a:oracle:linux:python39-pybind11-devel", "p-cpe:/a:oracle:linux:python39-pycparser", "p-cpe:/a:oracle:linux:python39-pyparsing", "p-cpe:/a:oracle:linux:python39-pysocks", "p-cpe:/a:oracle:linux:python39-pytest", "p-cpe:/a:oracle:linux:python39-pyyaml", "p-cpe:/a:oracle:linux:python39-requests", "p-cpe:/a:oracle:linux:python39-rpm-macros", "p-cpe:/a:oracle:linux:python39-scipy", "p-cpe:/a:oracle:linux:python39-setuptools", "p-cpe:/a:oracle:linux:python39-setuptools-wheel", "p-cpe:/a:oracle:linux:python39-six", "p-cpe:/a:oracle:linux:python39-test", "p-cpe:/a:oracle:linux:python39-tkinter", "p-cpe:/a:oracle:linux:python39-toml", "p-cpe:/a:oracle:linux:python39-urllib3", "p-cpe:/a:oracle:linux:python39-wcwidth", "p-cpe:/a:oracle:linux:python39-wheel", "p-cpe:/a:oracle:linux:python39-wheel-wheel"], "id": "ORACLELINUX_ELSA-2021-4160.NASL", "href": "https://www.tenable.com/plugins/nessus/155967", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-4160.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155967);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/28\");\n\n script_cve_id(\n \"CVE-2021-3426\",\n \"CVE-2021-3572\",\n \"CVE-2021-3733\",\n \"CVE-2021-3737\",\n \"CVE-2021-28957\",\n \"CVE-2021-29921\",\n \"CVE-2021-33503\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0497-S\");\n\n script_name(english:\"Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2021-4160)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2021-4160 advisory.\n\n - python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)\n\n - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote\n attacker could possibly use this issue to install a different revision on a repository. The highest threat\n from this vulnerability is to data integrity. This is fixed in python-pip version 21.1. (CVE-2021-3572)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince\n another local or adjacent user to start a pydoc server could access the server and use it to disclose\n sensitive information belonging to the other user that they would not normally be able to access. The\n highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9,\n Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\n - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling\n the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute\n allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS\n code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.\n (CVE-2021-28957)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in\n the authority component, the authority regular expression exhibits catastrophic backtracking, causing a\n denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\n - python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP\n address string. This (in some situations) allows attackers to bypass access control that is based on IP\n addresses. (CVE-2021-29921)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-4160.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-Cython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-PyMySQL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-cffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-iniconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-lxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-more-itertools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-numpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-numpy-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-numpy-f2py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-packaging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pluggy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-ply\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-psutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-psycopg2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-psycopg2-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-py\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pybind11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pybind11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pycparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pyparsing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pysocks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pytest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-scipy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-setuptools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-setuptools-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-toml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-wcwidth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python39-wheel-wheel\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/python39');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python39:3.9');\nif ('3.9' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python39:' + module_ver);\n\nvar appstreams = {\n 'python39:3.9': [\n {'reference':'python39-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-attrs-20.3.0-2.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cffi-1.14.3-2.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cffi-1.14.3-2.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-chardet-3.0.4-19.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cryptography-3.3.1-2.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-cryptography-3.3.1-2.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-Cython-0.29.21-5.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-Cython-0.29.21-5.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-debug-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-debug-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-devel-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-devel-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idle-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idle-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-idna-2.10-3.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-iniconfig-1.1.1-2.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-libs-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-libs-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-lxml-4.6.2-3.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-lxml-4.6.2-3.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-mod_wsgi-4.7.1-4.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-mod_wsgi-4.7.1-4.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-more-itertools-8.5.0-2.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-1.19.4-3.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-1.19.4-3.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-doc-1.19.4-3.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-f2py-1.19.4-3.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-numpy-f2py-1.19.4-3.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-packaging-20.4-4.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-20.2.4-6.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pip-wheel-20.2.4-6.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pluggy-0.13.1-3.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-ply-3.11-10.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psutil-5.8.0-4.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psutil-5.8.0-4.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-2.8.6-2.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-2.8.6-2.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-doc-2.8.6-2.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-doc-2.8.6-2.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-tests-2.8.6-2.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-psycopg2-tests-2.8.6-2.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-py-1.10.0-1.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-2.6.1-2.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-2.6.1-2.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-devel-2.6.1-2.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pybind11-devel-2.6.1-2.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pycparser-2.20-3.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-PyMySQL-0.10.1-2.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyparsing-2.4.7-5.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pysocks-1.7.1-4.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pytest-6.0.2-2.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyyaml-5.4.1-1.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-pyyaml-5.4.1-1.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-requests-2.25.0-2.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-rpm-macros-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-scipy-1.5.4-3.module+el8.4.0+20109+b7b1db01', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-scipy-1.5.4-3.module+el8.4.0+20109+b7b1db01', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-50.3.2-4.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-setuptools-wheel-50.3.2-4.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-six-1.15.0-3.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-test-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-test-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-tkinter-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-tkinter-3.9.6-2.module+el8.5.0+20364+c7fe1181', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-toml-0.10.1-5.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-urllib3-1.25.10-4.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wcwidth-0.2.5-3.module+el8.4.0+20109+b7b1db01', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python39-wheel-0.35.1-4.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'python39-wheel-wheel-0.35.1-4.module+el8.5.0+20364+c7fe1181', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python39:3.9');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python39 / python39-Cython / python39-PyMySQL / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:29:28", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3252 advisory.\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python-pygments: ReDoS in multiple lexers (CVE-2021-27291)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-08-24T00:00:00", "type": "nessus", "title": "RHEL 7 : python27 (RHSA-2021:3252)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-27619", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-20270", "CVE-2021-23336", "CVE-2021-27291", "CVE-2021-3177", "CVE-2021-42771"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:python27-babel", "p-cpe:/a:redhat:enterprise_linux:python27-python", "p-cpe:/a:redhat:enterprise_linux:python27-python-babel", "p-cpe:/a:redhat:enterprise_linux:python27-python-debug", "p-cpe:/a:redhat:enterprise_linux:python27-python-devel", "p-cpe:/a:redhat:enterprise_linux:python27-python-jinja2", "p-cpe:/a:redhat:enterprise_linux:python27-python-libs", "p-cpe:/a:redhat:enterprise_linux:python27-python-pygments", "p-cpe:/a:redhat:enterprise_linux:python27-python-test", "p-cpe:/a:redhat:enterprise_linux:python27-python-tools", "p-cpe:/a:redhat:enterprise_linux:python27-tkinter"], "id": "REDHAT-RHSA-2021-3252.NASL", "href": "https://www.tenable.com/plugins/nessus/152778", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3252. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152778);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2020-27619\",\n \"CVE-2020-28493\",\n \"CVE-2021-3177\",\n \"CVE-2021-20095\",\n \"CVE-2021-20270\",\n \"CVE-2021-23336\",\n \"CVE-2021-27291\"\n );\n script_xref(name:\"RHSA\", value:\"2021:3252\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n\n script_name(english:\"RHEL 7 : python27 (RHSA-2021:3252)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3252 advisory.\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python-pygments: ReDoS in multiple lexers (CVE-2021-27291)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3177\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20270\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-27291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-42771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3252\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1918168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1922136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1940603\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1955615\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3177\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 22, 95, 120, 400, 444, 835);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-pygments\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python27-tkinter\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python27-babel-0.9.6-10.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-2.7.18-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-2.7.18-3.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-2.7.18-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-babel-0.9.6-10.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-debug-2.7.18-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-debug-2.7.18-3.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-debug-2.7.18-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-devel-2.7.18-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-devel-2.7.18-3.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-devel-2.7.18-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-jinja2-2.6-16.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-libs-2.7.18-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-libs-2.7.18-3.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-libs-2.7.18-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-pygments-1.5-5.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-test-2.7.18-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-test-2.7.18-3.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-test-2.7.18-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-tools-2.7.18-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-tools-2.7.18-3.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-python-tools-2.7.18-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-tkinter-2.7.18-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-tkinter-2.7.18-3.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-tkinter-2.7.18-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python27-babel / python27-python / python27-python-babel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:22", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-4201 advisory.\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-20095)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-17T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : babel (ELSA-2021-4201)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20095", "CVE-2021-42771"], "modified": "2021-11-17T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:python3-babel"], "id": "ORACLELINUX_ELSA-2021-4201.NASL", "href": "https://www.tenable.com/plugins/nessus/155390", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-4201.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155390);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/17\");\n\n script_cve_id(\"CVE-2021-20095\", \"CVE-2021-42771\");\n\n script_name(english:\"Oracle Linux 8 : babel (ELSA-2021-4201)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2021-4201 advisory.\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-20095)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing\n serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-4201.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-babel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-42771\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-babel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'python3-babel-2.5.1-7.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-babel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:25:54", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4201 advisory.\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : babel (RHSA-2021:4201)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20095", "CVE-2021-42771"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:python3-babel"], "id": "REDHAT-RHSA-2021-4201.NASL", "href": "https://www.tenable.com/plugins/nessus/155152", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4201. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155152);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\"CVE-2021-20095\", \"CVE-2021-42771\");\n script_xref(name:\"RHSA\", value:\"2021:4201\");\n\n script_name(english:\"RHEL 8 : babel (RHSA-2021:4201)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4201 advisory.\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-42771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4201\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1955615\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-babel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-42771\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-babel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python3-babel-2.5.1-7.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python3-babel-2.5.1-7.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-babel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:21", "description": "The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4201 advisory.\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "CentOS 8 : babel (CESA-2021:4201)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20095", "CVE-2021-42771"], "modified": "2021-11-11T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:python3-babel"], "id": "CENTOS8_RHSA-2021-4201.NASL", "href": "https://www.tenable.com/plugins/nessus/155195", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:4201. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155195);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/11\");\n\n script_cve_id(\"CVE-2021-20095\", \"CVE-2021-42771\");\n script_xref(name:\"RHSA\", value:\"2021:4201\");\n\n script_name(english:\"CentOS 8 : babel (CESA-2021:4201)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2021:4201 advisory.\n\n - CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-20095)\n\n - CVE-2021-20095 python-babel: Relative path traversal allows attacker to load arbitrary locale files and\n execute arbitrary code (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4201\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-babel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-42771\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-babel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'python3-babel-2.5.1-7.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-babel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:11", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2790 advisory.\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-20095)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-21T00:00:00", "type": "nessus", "title": "Debian DLA-2790-1 : python-babel - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20095", "CVE-2021-42771"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-babel", "p-cpe:/a:debian:debian_linux:python-babel-doc", "p-cpe:/a:debian:debian_linux:python-babel-localedata", "p-cpe:/a:debian:debian_linux:python3-babel", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2790.NASL", "href": "https://www.tenable.com/plugins/nessus/154330", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2790. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154330);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\"CVE-2021-20095\", \"CVE-2021-42771\");\n\n script_name(english:\"Debian DLA-2790-1 : python-babel - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2790 advisory.\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-20095)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing\n serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987824\");\n # https://security-tracker.debian.org/tracker/source-package/python-babel\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cbd0729b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-20095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-42771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/python-babel\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the python-babel packages.\n\nFor Debian 9 stretch, this problem has been fixed in version 2.3.4+dfsg.1-2+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-42771\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-babel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-babel-localedata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'python-babel', 'reference': '2.3.4+dfsg.1-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-babel-doc', 'reference': '2.3.4+dfsg.1-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-babel-localedata', 'reference': '2.3.4+dfsg.1-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python3-babel', 'reference': '2.3.4+dfsg.1-2+deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-babel / python-babel-doc / python-babel-localedata / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:46", "description": "The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4201 advisory.\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. (CVE-2021-20095)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : babel (ALSA-2021:4201)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20095", "CVE-2021-42771"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:alma:linux:python3-babel", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2021-4201.NASL", "href": "https://www.tenable.com/plugins/nessus/157512", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2021:4201.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157512);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\"CVE-2021-20095\", \"CVE-2021-42771\");\n script_xref(name:\"ALSA\", value:\"2021:4201\");\n\n script_name(english:\"AlmaLinux 8 : babel (ALSA-2021:4201)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nALSA-2021:4201 advisory.\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Notes: none. (CVE-2021-20095)\n\n - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing\n serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2021-4201.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-babel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-42771\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-babel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'python3-babel-2.5.1-7.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-babel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T15:56:36", "description": "The version of python34 installed on the remote host is prior to 3.4.10-1.55. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1504 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-24T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python34 (ALAS-2021-1504)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23336", "CVE-2021-3426"], "modified": "2021-05-24T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python34", "p-cpe:/a:amazon:linux:python34-debuginfo", "p-cpe:/a:amazon:linux:python34-devel", "p-cpe:/a:amazon:linux:python34-libs", "p-cpe:/a:amazon:linux:python34-test", "p-cpe:/a:amazon:linux:python34-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2021-1504.NASL", "href": "https://www.tenable.com/plugins/nessus/149868", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2021-1504.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149868);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/24\");\n\n script_cve_id(\"CVE-2021-3426\", \"CVE-2021-23336\");\n script_xref(name:\"ALAS\", value:\"2021-1504\");\n\n script_name(english:\"Amazon Linux AMI : python34 (ALAS-2021-1504)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of python34 installed on the remote host is prior to 3.4.10-1.55. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2021-1504 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince\n another local or adjacent user to start a pydoc server could access the server and use it to disclose\n sensitive information belonging to the other user that they would not normally be able to access. The\n highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9,\n Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2021-1504.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3426\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python34' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python34-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'python34-3.4.10-1.55.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-3.4.10-1.55.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-debuginfo-3.4.10-1.55.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-debuginfo-3.4.10-1.55.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-devel-3.4.10-1.55.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-devel-3.4.10-1.55.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-libs-3.4.10-1.55.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-libs-3.4.10-1.55.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-test-3.4.10-1.55.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-test-3.4.10-1.55.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-tools-3.4.10-1.55.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python34-tools-3.4.10-1.55.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python34 / python34-debuginfo / python34-devel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T15:58:13", "description": "The version of python3 installed on the remote host is prior to 3.7.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1640 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-24T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : python3 (ALAS-2021-1640)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23336", "CVE-2021-3426"], "modified": "2021-05-24T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python3", "p-cpe:/a:amazon:linux:python3-debug", "p-cpe:/a:amazon:linux:python3-debuginfo", "p-cpe:/a:amazon:linux:python3-devel", "p-cpe:/a:amazon:linux:python3-libs", "p-cpe:/a:amazon:linux:python3-test", "p-cpe:/a:amazon:linux:python3-tkinter", "p-cpe:/a:amazon:linux:python3-tools", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2021-1640.NASL", "href": "https://www.tenable.com/plugins/nessus/149865", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2021-1640.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149865);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/24\");\n\n script_cve_id(\"CVE-2021-3426\", \"CVE-2021-23336\");\n script_xref(name:\"ALAS\", value:\"2021-1640\");\n\n script_name(english:\"Amazon Linux 2 : python3 (ALAS-2021-1640)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of python3 installed on the remote host is prior to 3.7.9-1. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2021-1640 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince\n another local or adjacent user to start a pydoc server could access the server and use it to disclose\n sensitive information belonging to the other user that they would not normally be able to access. The\n highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9,\n Python versions before 3.9.3 and Python versions before 3.10.0a7. (CVE-2021-3426)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2021-1640.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3426\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python3' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'python3-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-debug-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-debug-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-debug-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-debuginfo-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-debuginfo-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-debuginfo-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-devel-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-devel-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-devel-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tools-3.7.9-1.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tools-3.7.9-1.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tools-3.7.9-1.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3 / python3-debug / python3-debuginfo / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T15:56:35", "description": "The version of python36 installed on the remote host is prior to 3.6.12-1.21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1500 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-19T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python36 (ALAS-2021-1500)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23336", "CVE-2021-3426"], "modified": "2021-05-25T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python36", "p-cpe:/a:amazon:linux:python36-debug", "p-cpe:/a:amazon:linux:python36-debuginfo", "p-cpe:/a:amazon:linux:python36-devel", "p-cpe:/a:amazon:linux:python36-libs", "p-cpe:/a:amazon:linux:python36-test", "p-cpe:/a:amazon:linux:python36-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2021-1500.NASL", "href": "https://www.tenable.com/plugins/nessus/149784", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2021-1500.\n##\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149784);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/25\");\n\n script_cve_id(\"CVE-2021-3426\", \"CVE-2021-23336\");\n script_xref(name:\"ALAS\", value:\"2021-1500\");\n\n script_name(english:\"Amazon Linux AMI : python36 (ALAS-2021-1500)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of python36 installed on the remote host is prior to 3.6.12-1.21. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2021-1500 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2021-1500.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3426\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python36' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python36-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'python36-3.6.12-1.21.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-3.6.12-1.21.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-debug-3.6.12-1.21.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-debug-3.6.12-1.21.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-debuginfo-3.6.12-1.21.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-debuginfo-3.6.12-1.21.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-devel-3.6.12-1.21.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-devel-3.6.12-1.21.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-libs-3.6.12-1.21.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-libs-3.6.12-1.21.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-test-3.6.12-1.21.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-test-3.6.12-1.21.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-tools-3.6.12-1.21.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python36-tools-3.6.12-1.21.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python36 / python36-debug / python36-debuginfo / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-24T15:58:50", "description": "The remote host is affected by the vulnerability described in GLSA-202104-04 (Python: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2021-05-03T00:00:00", "type": "nessus", "title": "GLSA-202104-04 : Python: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23336", "CVE-2021-3426"], "modified": "2021-05-26T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:python", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202104-04.NASL", "href": "https://www.tenable.com/plugins/nessus/149220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202104-04.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(149220);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/26\");\n\n script_cve_id(\"CVE-2021-23336\", \"CVE-2021-3426\");\n script_xref(name:\"GLSA\", value:\"202104-04\");\n\n script_name(english:\"GLSA-202104-04 : Python: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202104-04\n(Python: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Python. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202104-04\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Python 2.7 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.7.18_p8'\n All Python 3.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-3.6.13_p1'\n All Python 3.7 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-3.7.10_p1'\n All Python 3.8 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-3.8.8_p1'\n All Python 3.9 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-3.9.2_p1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23336\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/python\", unaffected:make_list(\"ge 2.7.18_p8\", \"ge 3.6.13_p1\", \"ge 3.7.10_p1\", \"ge 3.8.8_p1\", \"ge 3.9.2_p1\"), vulnerable:make_list(\"lt 3.9.2_p1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Python\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-25T14:53:28", "description": "The version of python35 installed on the remote host is prior to 3.5.10-1.30. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1498 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python35 (ALAS-2021-1498)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23336", "CVE-2021-3426"], "modified": "2021-05-25T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python35", "p-cpe:/a:amazon:linux:python35-debuginfo", "p-cpe:/a:amazon:linux:python35-devel", "p-cpe:/a:amazon:linux:python35-libs", "p-cpe:/a:amazon:linux:python35-test", "p-cpe:/a:amazon:linux:python35-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2021-1498.NASL", "href": "https://www.tenable.com/plugins/nessus/149432", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2021-1498.\n##\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149432);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/25\");\n\n script_cve_id(\"CVE-2021-3426\", \"CVE-2021-23336\");\n script_xref(name:\"ALAS\", value:\"2021-1498\");\n\n script_name(english:\"Amazon Linux AMI : python35 (ALAS-2021-1498)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of python35 installed on the remote host is prior to 3.5.10-1.30. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2021-1498 advisory.\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2021-1498.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3426\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python35' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23336\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python35-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'python35-3.5.10-1.30.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-3.5.10-1.30.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-debuginfo-3.5.10-1.30.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-debuginfo-3.5.10-1.30.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-devel-3.5.10-1.30.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-devel-3.5.10-1.30.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-libs-3.5.10-1.30.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-libs-3.5.10-1.30.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-test-3.5.10-1.30.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-test-3.5.10-1.30.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-tools-3.5.10-1.30.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python35-tools-3.5.10-1.30.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python35 / python35-debuginfo / python35-devel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-08T20:31:34", "description": "According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : python-pip (EulerOS-SA-2023-1152)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14422", "CVE-2021-29921", "CVE-2021-33503"], "modified": "2023-09-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-pip-wheel", "p-cpe:/a:huawei:euleros:python3-pip", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2023-1152.NASL", "href": "https://www.tenable.com/plugins/nessus/169798", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169798);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/08\");\n\n script_cve_id(\"CVE-2020-14422\", \"CVE-2021-29921\", \"CVE-2021-33503\");\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : python-pip (EulerOS-SA-2023-1152)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote\nhost is affected by the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and\n IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application\n is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this\n attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP\n address string. This (in some situations) allows attackers to bypass access control that is based on IP\n addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in\n the authority component, the authority regular expression exhibits catastrophic backtracking, causing a\n denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1152\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5db0fd97\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"python-pip-wheel-20.2.2-1.h7.eulerosv2r10\",\n \"python3-pip-20.2.2-1.h7.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-12T17:14:41", "description": "According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-21T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2854)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14422", "CVE-2021-29921", "CVE-2021-33503"], "modified": "2023-09-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-pip-wheel", "p-cpe:/a:huawei:euleros:python3-pip", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2854.NASL", "href": "https://www.tenable.com/plugins/nessus/168963", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168963);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/12\");\n\n script_cve_id(\"CVE-2020-14422\", \"CVE-2021-29921\", \"CVE-2021-33503\");\n\n script_name(english:\"EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2854)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected\nby the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and\n IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application\n is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this\n attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP\n address string. This (in some situations) allows attackers to bypass access control that is based on IP\n addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in\n the authority component, the authority regular expression exhibits catastrophic backtracking, causing a\n denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2854\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?365c960e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"python-pip-wheel-20.2.2-1.h7.eulerosv2r10\",\n \"python3-pip-20.2.2-1.h7.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-12T17:12:15", "description": "According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-21T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2828)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14422", "CVE-2021-29921", "CVE-2021-33503"], "modified": "2023-09-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-pip-wheel", "p-cpe:/a:huawei:euleros:python3-pip", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2828.NASL", "href": "https://www.tenable.com/plugins/nessus/168985", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168985);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/12\");\n\n script_cve_id(\"CVE-2020-14422\", \"CVE-2021-29921\", \"CVE-2021-33503\");\n\n script_name(english:\"EulerOS 2.0 SP10 : python-pip (EulerOS-SA-2022-2828)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected\nby the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and\n IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application\n is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this\n attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP\n address string. This (in some situations) allows attackers to bypass access control that is based on IP\n addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in\n the authority component, the authority regular expression exhibits catastrophic backtracking, causing a\n denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2828\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?42eee848\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"python-pip-wheel-20.2.2-1.h7.eulerosv2r10\",\n \"python3-pip-20.2.2-1.h7.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-11T17:50:25", "description": "According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2023-1173)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14422", "CVE-2021-29921", "CVE-2021-33503"], "modified": "2023-09-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python-pip-wheel", "p-cpe:/a:huawei:euleros:python3-pip", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2023-1173.NASL", "href": "https://www.tenable.com/plugins/nessus/169741", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169741);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/11\");\n\n script_cve_id(\"CVE-2020-14422\", \"CVE-2021-29921\", \"CVE-2021-33503\");\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2023-1173)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote\nhost is affected by the following vulnerabilities :\n\n - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and\n IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application\n is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this\n attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12;\n v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.\n (CVE-2020-14422)\n\n - In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP\n address string. This (in some situations) allows attackers to bypass access control that is based on IP\n addresses. (CVE-2021-29921)\n\n - An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in\n the authority component, the authority regular expression exhibits catastrophic backtracking, causing a\n denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.\n (CVE-2021-33503)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1173\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?72d2901a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-pip packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-29921\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-pip-wheel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-pip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"python-pip-wheel-20.2.2-1.h7.eulerosv2r10\",\n \"python3-pip-20.2.2-1.h7.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-pip\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:20:45", "description": "Three security issues have been discovered in python3.5 :\n\nCVE-2021-3177\n\nPython 3.x has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input. This occurs because sprintf is used unsafely.\n\nCVE-2021-3426\n\nRunning `pydoc -p` allows other local users to extract arbitrary files. The `/getfile?key=path` URL allows to read arbitrary file on the filesystem.\n\nThe fix removes the 'getfile' feature of the pydoc module which could be abused to read arbitrary files on the disk (directory traversal vulnerability).\n\nCVE-2021-23336\n\nThe Python3.5 vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.\n\n**Attention, API-change!** Please be sure your software is working properly if it uses `urllib.parse.parse_qs` or `urllib.parse.parse_qsl`, `cgi.parse` or `cgi.parse_multipart`.\n\nEarlier Python versions allowed using both ``;`` and ``&`` as query parameter separators in `urllib.parse.parse_qs` and `urllib.parse.parse_qsl`. Due to security concerns, and to conform with newer W3C recommendations, this has been changed to allow only a single separator key, with ``&`` as the default. This change also affects `cgi.parse` and `cgi.parse_multipart` as they use the affected functions internally. For more details, please see their respective documentation.\n\nFor Debian 9 stretch, these problems have been fixed in version 3.5.3-1+deb9u4.\n\nWe recommend that you upgrade your python3.5 packages.\n\nFor the detailed security status of python3.5 please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/python3.5\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-04-06T00:00:00", "type": "nessus", "title": "Debian DLA-2619-1 : python3.5 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23336", "CVE-2021-3177", "CVE-2021-3426"], "modified": "2021-04-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:idle-python3.5", "p-cpe:/a:debian:debian_linux:libpython3.5", "p-cpe:/a:debian:debian_linux:libpython3.5-dbg", "p-cpe:/a:debian:debian_linux:libpython3.5-dev", "p-cpe:/a:debian:debian_linux:libpython3.5-minimal", "p-cpe:/a:debian:debian_linux:libpython3.5-stdlib", "p-cpe:/a:debian:debian_linux:libpython3.5-testsuite", "p-cpe:/a:debian:debian_linux:python3.5", "p-cpe:/a:debian:debian_linux:python3.5-dbg", "p-cpe:/a:debian:debian_linux:python3.5-dev", "p-cpe:/a:debian:debian_linux:python3.5-doc", "p-cpe:/a:debian:debian_linux:python3.5-examples", "p-cpe:/a:debian:debian_linux:python3.5-minimal", "p-cpe:/a:debian:debian_linux:python3.5-venv", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2619.NASL", "href": "https://www.tenable.com/plugins/nessus/148322", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2619-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(148322);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/08\");\n\n script_cve_id(\"CVE-2021-23336\", \"CVE-2021-3177\", \"CVE-2021-3426\");\n\n script_name(english:\"Debian DLA-2619-1 : python3.5 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Three security issues have been discovered in python3.5 :\n\nCVE-2021-3177\n\nPython 3.x has a buffer overflow in PyCArg_repr in _ctypes/callproc.c,\nwhich may lead to remote code execution in certain Python applications\nthat accept floating-point numbers as untrusted input. This occurs\nbecause sprintf is used unsafely.\n\nCVE-2021-3426\n\nRunning `pydoc -p` allows other local users to extract arbitrary\nfiles. The `/getfile?key=path` URL allows to read arbitrary file on\nthe filesystem.\n\nThe fix removes the 'getfile' feature of the pydoc module\nwhich could be abused to read arbitrary files on the disk\n(directory traversal vulnerability).\n\nCVE-2021-23336\n\nThe Python3.5 vulnerable to Web Cache Poisoning via\nurllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector\ncalled parameter cloaking. When the attacker can separate query\nparameters using a semicolon (;), they can cause a difference in the\ninterpretation of the request between the proxy (running with default\nconfiguration) and the server. This can result in malicious requests\nbeing cached as completely safe ones, as the proxy would usually not\nsee the semicolon as a separator, and therefore would not include it\nin a cache key of an unkeyed parameter.\n\n**Attention, API-change!** Please be sure your software is\nworking properly if it uses `urllib.parse.parse_qs` or\n`urllib.parse.parse_qsl`, `cgi.parse` or\n`cgi.parse_multipart`.\n\nEarlier Python versions allowed using both ``;`` and ``&``\nas query parameter separators in `urllib.parse.parse_qs` and\n`urllib.parse.parse_qsl`. Due to security concerns, and to\nconform with newer W3C recommendations, this has been\nchanged to allow only a single separator key, with ``&`` as\nthe default. This change also affects `cgi.parse` and\n`cgi.parse_multipart` as they use the affected functions\ninternally. For more details, please see their respective\ndocumentation.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.5.3-1+deb9u4.\n\nWe recommend that you upgrade your python3.5 packages.\n\nFor the detailed security status of python3.5 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/python3.5\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/python3.5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/python3.5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:idle-python3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.5-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.5-stdlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpython3.5-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.5-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.5-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.5-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3.5-venv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"idle-python3.5\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpython3.5\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpython3.5-dbg\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpython3.5-dev\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpython3.5-minimal\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpython3.5-stdlib\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpython3.5-testsuite\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3.5\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3.5-dbg\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3.5-dev\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3.5-doc\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3.5-examples\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3.5-minimal\", reference:\"3.5.3-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"python3.5-venv\", reference:\"3.5.3-1+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:22:12", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1633 advisory.\n\n - python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-19T00:00:00", "type": "nessus", "title": "RHEL 8 : python3 (RHSA-2021:1633)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26116", "CVE-2020-27619", "CVE-2021-23336", "CVE-2021-3177"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:platform-python", "p-cpe:/a:redhat:enterprise_linux:platform-python-debug", "p-cpe:/a:redhat:enterprise_linux:platform-python-devel", "p-cpe:/a:redhat:enterprise_linux:python3-idle", "p-cpe:/a:redhat:enterprise_linux:python3-libs", "p-cpe:/a:redhat:enterprise_linux:python3-test", "p-cpe:/a:redhat:enterprise_linux:python3-tkinter"], "id": "REDHAT-RHSA-2021-1633.NASL", "href": "https://www.tenable.com/plugins/nessus/149712", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1633. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149712);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2020-26116\",\n \"CVE-2020-27619\",\n \"CVE-2021-3177\",\n \"CVE-2021-23336\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0340-S\");\n script_xref(name:\"RHSA\", value:\"2021:1633\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n\n script_name(english:\"RHEL 8 : python3 (RHSA-2021:1633)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1633 advisory.\n\n - python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-26116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-27619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3177\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1883014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889886\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1918168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928904\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3177\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(95, 113, 120, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:platform-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:platform-python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:platform-python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-tkinter\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'platform-python-3.6.8-37.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-debug-3.6.8-37.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-devel-3.6.8-37.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-idle-3.6.8-37.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-37.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-37.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.6.8-37.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'platform-python-3.6.8-37.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-debug-3.6.8-37.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-devel-3.6.8-37.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-idle-3.6.8-37.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-37.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-37.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.6.8-37.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'platform-python-3.6.8-37.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-debug-3.6.8-37.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-devel-3.6.8-37.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-idle-3.6.8-37.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-37.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-37.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.6.8-37.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'platform-python / platform-python-debug / platform-python-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T15:06:57", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by multiple vulnerabilities:\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. (CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. (CVE-2020-27619)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. (CVE-2021-3177)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-09T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : python3 Multiple Vulnerabilities (NS-SA-2022-0049)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26116", "CVE-2020-27619", "CVE-2021-23336", "CVE-2021-3177"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_main:platform-python", "p-cpe:/a:zte:cgsl_main:platform-python-debug", "p-cpe:/a:zte:cgsl_main:platform-python-devel", "p-cpe:/a:zte:cgsl_main:python3-debuginfo", "p-cpe:/a:zte:cgsl_main:python3-debugsource", "p-cpe:/a:zte:cgsl_main:python3-devel", "p-cpe:/a:zte:cgsl_main:python3-idle", "p-cpe:/a:zte:cgsl_main:python3-libs", "p-cpe:/a:zte:cgsl_main:python3-test", "p-cpe:/a:zte:cgsl_main:python3-tkinter", "cpe:/o:zte:cgsl_main:6"], "id": "NEWSTART_CGSL_NS-SA-2022-0049_PYTHON3.NASL", "href": "https://www.tenable.com/plugins/nessus/160756", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2022-0049. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160756);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-26116\",\n \"CVE-2020-27619\",\n \"CVE-2021-3177\",\n \"CVE-2021-23336\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0340-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0036\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : python3 Multiple Vulnerabilities (NS-SA-2022-0049)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by multiple\nvulnerabilities:\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5\n allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR\n and LF control characters in the first argument of HTTPConnection.request. (CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content\n retrieved via HTTP. (CVE-2020-27619)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to\n remote code execution in certain Python applications that accept floating-point numbers as untrusted\n input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used\n unsafely. (CVE-2021-3177)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2022-0049\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-26116\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-27619\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23336\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-3177\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python3 packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3177\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:platform-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:platform-python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:platform-python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:python3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:python3-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:python3-tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL MAIN 6.02': [\n 'platform-python-3.6.8-37.el8',\n 'platform-python-debug-3.6.8-37.el8',\n 'platform-python-devel-3.6.8-37.el8',\n 'python3-debuginfo-3.6.8-37.el8',\n 'python3-debugsource-3.6.8-37.el8',\n 'python3-devel-3.6.8-37.el8',\n 'python3-idle-3.6.8-37.el8',\n 'python3-libs-3.6.8-37.el8',\n 'python3-test-3.6.8-37.el8',\n 'python3-tkinter-3.6.8-37.el8'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:26:41", "description": "According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.(CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.(CVE-2020-27619)\n\n - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.(CVE-2021-3177)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.(CVE-2021-23336)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-07-02T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2021-2096)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26116", "CVE-2020-27619", "CVE-2021-23336", "CVE-2021-3177"], "modified": "2021-07-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python", "p-cpe:/a:huawei:euleros:python-devel", "p-cpe:/a:huawei:euleros:python-libs", "p-cpe:/a:huawei:euleros:python-tools", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2096.NASL", "href": "https://www.tenable.com/plugins/nessus/151340", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151340);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/06\");\n\n script_cve_id(\n \"CVE-2020-26116\",\n \"CVE-2020-27619\",\n \"CVE-2021-23336\",\n \"CVE-2021-3177\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2021-2096)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before\n 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5\n allows CRLF injection if the attacker controls the HTTP\n request method, as demonstrated by inserting CR and LF\n control characters in the first argument of\n HTTPConnection.request.(CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the\n Lib/test/multibytecodec_support.py CJK codec tests call\n eval() on content retrieved via HTTP.(CVE-2020-27619)\n\n - Python 3.x through 3.9.1 has a buffer overflow in\n PyCArg_repr in _ctypes/callproc.c, which may lead to\n remote code execution in certain Python applications\n that accept floating-point numbers as untrusted input,\n as demonstrated by a 1e300 argument to\n c_double.from_param. This occurs because sprintf is\n used unsafely.(CVE-2021-3177)\n\n - The package python/cpython from 0 and before 3.6.13,\n from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to\n Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called\n parameter cloaking. When the attacker can separate\n query parameters using a semicolon (), they can cause a\n difference in the interpretation of the request between\n the proxy (running with default configuration) and the\n server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would\n usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an\n unkeyed parameter.(CVE-2021-23336)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2096\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4f231fc6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-2.7.5-69.h34\",\n \"python-devel-2.7.5-69.h34\",\n \"python-libs-2.7.5-69.h34\",\n \"python-tools-2.7.5-69.h34\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:31:54", "description": "According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. (CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. (CVE-2020-27619)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\n - In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.(CVE-2019-20907)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-07-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2021-2159)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-20907", "CVE-2020-26116", "CVE-2020-27619", "CVE-2021-23336"], "modified": "2021-07-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:python", "p-cpe:/a:huawei:euleros:python-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.2"], "id": "EULEROS_SA-2021-2159.NASL", "href": "https://www.tenable.com/plugins/nessus/151380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151380);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/08\");\n\n script_cve_id(\n \"CVE-2019-20907\",\n \"CVE-2020-26116\",\n \"CVE-2020-27619\",\n \"CVE-2021-23336\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2021-2159)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the python packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before\n 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5\n allows CRLF injection if the attacker controls the HTTP\n request method, as demonstrated by inserting CR and LF\n control characters in the first argument of\n HTTPConnection.request. (CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the\n Lib/test/multibytecodec_support.py CJK codec tests call\n eval() on content retrieved via HTTP. (CVE-2020-27619)\n\n - The package python/cpython from 0 and before 3.6.13,\n from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to\n Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called\n parameter cloaking. When the attacker can separate\n query parameters using a semicolon (), they can cause a\n difference in the interpretation of the request between\n the proxy (running with default configuration) and the\n server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would\n usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an\n unkeyed parameter. (CVE-2021-23336)\n\n - In Lib/tarfile.py in Python through 3.8.3, an attacker\n is able to craft a TAR archive leading to an infinite\n loop when opened by tarfile.open, because _proc_pax\n lacks header validation.(CVE-2019-20907)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2159\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?520454c1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"python-2.7.5-69.h26\",\n \"python-libs-2.7.5-69.h26\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-16T14:44:28", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1633 advisory.\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. (CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. (CVE-2020-27619)\n\n - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. (CVE-2021-3177)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : python3 (ALSA-2021:1633)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26116", "CVE-2020-27619", "CVE-2021-23336", "CVE-2021-3177"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:alma:linux:platform-python", "p-cpe:/a:alma:linux:python3-libs", "p-cpe:/a:alma:linux:python3-test", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2021-1633.NASL", "href": "https://www.tenable.com/plugins/nessus/157680", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2021:1633.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157680);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\n \"CVE-2020-26116\",\n \"CVE-2020-27619\",\n \"CVE-2021-3177\",\n \"CVE-2021-23336\"\n );\n script_xref(name:\"ALSA\", value:\"2021:1633\");\n script_xref(name:\"IAVA\", value:\"2020-A-0340-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0263-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0052-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0036\");\n\n script_name(english:\"AlmaLinux 8 : python3 (ALSA-2021:1633)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2021:1633 advisory.\n\n - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5\n allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR\n and LF control characters in the first argument of HTTPConnection.request. (CVE-2020-26116)\n\n - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content\n retrieved via HTTP. (CVE-2020-27619)\n\n - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to\n remote code execution in certain Python applications that accept floating-point numbers as untrusted\n input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used\n unsafely. (CVE-2021-3177)\n\n - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before\n 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and\n urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query\n parameters using a semicolon (;), they can cause a difference in the interpretation of the request between\n the proxy (running with default configuration) and the server. This can result in malicious requests being\n cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and\n therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2021-1633.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected platform-python, python3-libs and / or python3-test packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3177\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:platform-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'platform-python-3.6.8-37.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-37.el8.alma', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-37.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-37.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'platform-python / python3-libs / python3-test');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:22:24", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1633 advisory.\n\n - python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-19T00:00:00", "type": "nessus", "title": "CentOS 8 : python3 (CESA-2021:1633)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26116", "CVE-2020-27619", "CVE-2021-23336", "CVE-2021-3177"], "modified": "2021-06-02T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:platform-python", "p-cpe:/a:centos:centos:platform-python-debug", "p-cpe:/a:centos:centos:platform-python-devel", "p-cpe:/a:centos:centos:python3-idle", "p-cpe:/a:centos:centos:python3-libs", "p-cpe:/a:centos:centos:python3-test", "p-cpe:/a:centos:centos:python3-tkinter"], "id": "CENTOS8_RHSA-2021-1633.NASL", "href": "https://www.tenable.com/plugins/nessus/149729", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:1633. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149729);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/02\");\n\n script_cve_id(\n \"CVE-2020-26116\",\n \"CVE-2020-27619\",\n \"CVE-2021-3177\",\n \"CVE-2021-23336\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1633\");\n\n script_name(english:\"CentOS 8 : python3 (CESA-2021:1633)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:1633 advisory.\n\n - python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n - python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n - python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in\n query parameters (CVE-2021-23336)\n\n - python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1633\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3177\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:platform-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:platform-python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:platform-python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-tkinter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'platform-python-3.6.8-37.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-3.6.8-37.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-debug-3.6.8-37.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-debug-3.6.8-37.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-devel-3.6.8-37.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'platform-python-devel-3.6.8-37.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-idle-3.6.8-37.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-idle-3.6.8-37.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-37.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libs-3.6.8-37.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-37.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-test-3.6.8-37.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.6.8-37.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-tkinter-3.6.8-37.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'platform-python / platform-python-debug / platform-python-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-15T18:26:20", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1633 advisory.\n\n - http.client in Python 3

python38:3.8 and python38-devel:3.8 security update

Description

Affected Package

Related