
354 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 9 : python3.9-3.9.18-1.el9 (AXSA:2023-6804:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6804:05 advisory. python: tarfile module directory traversal (CVE-2007-4559). Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVSS 9.8 | AI score 7.7 | EPSS 0.89361
Exploits 3 | References 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 2 views

MiracleLinux 8 : python3.11-3.11.9-1.el8_10 (AXSA:2024-8471:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8471:15 advisory. python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597); python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

CVSS 7.8 | AI score 7.2 | EPSS 0.00148
Exploits 0 | References 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 4 : rh-python34-python-3.4.2-14.AXS4 (AXSA:2016-651:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-651:01 advisory. Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially ho...

CVSS 6.1 | AI score 7.1 | EPSS 0.09899
Exploits 0 | References 2

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

MiracleLinux 7 : python-2.7.5-86.0.1.el7.AXS7 (AXSA:2019-4284:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4284:05 advisory. python: Missing salt initialization in elementtree.c module (CVE-2018-14647); python: NULL pointer dereference using a specially crafted X509 certifica...

CVSS 9.1 | AI score 7.2 | EPSS 0.0991
Exploits 4 | References 6

Tenable Nessus
added 2026/01/13 12:0 a.m. | 1 views

RHEL 10 : python3.12 (RHSA-2026:0353)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0353 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

CVSS 4.3 | AI score 6.9 | EPSS 0.00125
Exploits 0 | References 5

Tenable Nessus
added 2026/01/13 12:0 a.m. | 4 views

MiracleLinux 9 : python3.9-3.9.21-2.el9_6.1 (AXSA:2025-10620:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10620:02 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435); cpython: Bypass extraction filter to modify file metadata outside...

CVSS 9.4 | AI score 6.7 | EPSS 0.01012
Exploits 14 | References 6

CBLMariner
added 2026/01/12 9:27 p.m. | 2 views

CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7

CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7. A patched version of the package is available...

CVSS 6.3 | AI score 6.9 | EPSS 0.00128
Exploits 0

RedhatCVE
added 2026/01/09 10:40 a.m. | 6 views

CVE-2022-35861

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. Shims are executables that pass a command along to a specific versio...

CVSS 7.8 | AI score 7.2 | EPSS 0.00044
Exploits 0 | References 1

RedhatCVE
added 2026/01/09 9:33 a.m. | 7 views

CVE-2024-39205

An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request...

CVSS 9.8 | AI score 7.6 | EPSS 0.83924
Exploits 4 | References 1

Tenable Nessus
added 2026/01/08 12:0 a.m. | 1 views

Photon OS 5.0: Python3 PHSA-2026-5.0-0729

An update of the python3 package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0729. The text itself is copyright (C) VMware, Inc...

CVSS 7.5 | AI score 7.2 | EPSS 0.00215
Exploits 0 | References 2

Rockylinux
added 2026/01/07 9:2 a.m. | 3 views

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Python is an interpreted, interactive, object-oriented programming languag...

CVSS 6.3 | AI score 8.1 | EPSS 0.00128
Exploits 0

Tenable Nessus
added 2026/01/07 12:0 a.m. | 2 views

Oracle Linux 8 : python3.12 (ELSA-2026-0123)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0123 advisory. 3.12.12-1: Update to 3.12.12; security fix for CVE-2025-8291 and CVE-2025-12084; Resolves: RHEL-128364, RHEL-135391. Tenable has extracted the precedin...

CVSS 6.3 | AI score 7 | EPSS 0.00128
Exploits 0 | References 3

NVD
added 2026/01/06 3:15 p.m. | 1 views

CVE-2025-14026

Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...

CVSS 7.8 | EPSS 0.00082
Exploits 0 | References 3

Cvelist
added 2026/01/06 2:45 p.m. | 23 views

CVE-2025-14026 Vulnerable Python version used in Forcepoint One DLP Client

Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...

EPSS 0.00082
Exploits 0 | References 2

Vulnrichment
added 2026/01/06 2:45 p.m. | 2 views

CVE-2025-14026 Vulnerable Python version used in Forcepoint One DLP Client

Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...

AI score 7.2 | EPSS 0.00082
Exploits 0 | References 2

CVE
added 2026/01/06 2:45 p.m. | 9 views

CVE-2025-14026

Summary (CVE-2025-14026): Forcepoint One DLP Client (version 23.04.5642 and potentially newer) ships with a restricted Python 2.5.4 runtime that blocks ctypes (FFI). The restriction was shown to be bypassable by reintroducing ctypes support, enabling potential arbitrary code execution via DLLs/me...

CVSS 7.8 | AI score 7.2 | EPSS 0.00082
Exploits 0 | References 3 | Affected Software 1

OSV
added 2026/01/06 12:0 a.m. | 0 views

OPENSUSE-SU-2026:10011-1 python314-3.14.2-1.1 on GA media

These are all security issues fixed in the python314-3.14.2-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 5.8 | EPSS 0.00215
Exploits 0 | References 3

Positive Technologies
added 2026/01/06 12:0 a.m. | 5 views

PT-2026-1435

Name of the Vulnerable Software and Affected Versions: Forcepoint One DLP Client versions 23.04.5642 and later. Description: The Forcepoint One DLP Client includes a restricted version of Python 2.5.4 that limits the use of the ctypes library. The ctypes library is a foreign function interface (FFI) f...

CVSS 7.8 | AI score 7.2 | EPSS 0.00082
Exploits 0 | References 11

IBM Security Bulletins
added 2025/12/29 7:28 a.m. | 4 views

Security Bulletin: Vulnerability in pip affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary: Potential vulnerability in pip has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability...

CVSS 5.9 | AI score 8 | EPSS 0.00022
Exploits 0 | Affected Software 1

Redos
added 2025/12/23 12:0 a.m. | 3 views

ROS-20251223-7310

Vulnerability in python3.13 related to incorrect validation of a specified index, position or offset in input data. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 4.3 | AI score 6.7 | EPSS 0.00125
Exploits 0