NewStart CGSL MAIN 6.06 : python3_11 Vulnerability (NS-SA-2025-0241)

The remote NewStart CGSL host, running version MAIN 6.06, has python311 packages installed that are affected by a vulnerability: - The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as globally reachable or private. This affected the...

python3.12 security update

3.12.12-4.0.1 - Remove upstream URL reference 3.12.12-4 - Release bump to correct the build for wrong release Related: RHEL-141026 3.12.12-3 - Security fix for CVE-2025-13836 Resolves: RHEL-141026 3.12.12-2 - Security fix for CVE-2025-12084 Resolves: RHEL-135399...

aiohttp: AIOHTTP HTTP Request/Response Smuggling

A request smuggling flaw was found in the aiohttp python library. If a pure Python version of aiohttp is installed, without the usual C extensions, for example, or if AIOHTTPNOEXTENSIONS is enabled, an attacker can execute a request smuggling attack to bypass certain firewalls or proxy protection...

ALSA-2026:1088 Important: python3.12-urllib3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

[SECURITY] Fedora 42 Update: python3.9-3.9.25-3.fc42

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

Azure Linux 3.0 Security Update: python3 (CVE-2024-12254)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12254 advisory. - Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not pause writing an...

Azure Linux 3.0 Security Update: python3 (CVE-2024-3219)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3219 advisory. - The socket module provides a pure-Python fallback to the socket.socketpair function for platforms that don't...

Amazon Linux 2 : python, --advisory ALAS2-2026-3128 (ALAS-2026-3128)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3128 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorith...

AZL-75041 CVE-2025-15366 affecting package python3 3.9.19-19

The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters...

[SECURITY] [DLA 4445-1] python3.9 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4445-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura January 20, 2026 https://wiki.debian.org/LTS -...

MiracleLinux 8 : python3.11-3.11.9-7.el8_10 (AXSA:2024-8834:23)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8834:23 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 cpython: python: email module doesn't properly quotes newlines in email headers, allowi...

MiracleLinux 9 : python3.12-3.12.5-2.el9_5.2 (AXSA:2024-9442:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9442:17 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Unbounded memory buffering in...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.1 (AXSA:2024-8483:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8483:16 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : python3.9-3.9.19-8.el9 (AXSA:2024-9269:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9269:08 advisory. python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service CVE-2024-8088 Tenable has extracted the preceding description block direct...

MiracleLinux 8 : python3.12-3.12.8-1.el8_10 (AXSA:2024-9392:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9392:15 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Unbounded memory buffering in...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.3 (AXSA:2024-8598:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8598:04 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 Tenable has extracted the preceding description block directly from the MiracleLinux security...

DLA-4445-1 python3.9 - security update

Bulletin has no description...

MiracleLinux 9 : python3.12-3.12.1-4.el9_4.4 (AXSA:2024-8949:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8949:08 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 9 : python3.11-3.11.9-7.el9.1 (AXSA:2024-9350:29)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9350:29 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : python27:2.7 (AXSA:2023-6214:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6214:01 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...