AlmaLinux 9 : python3.12 (ALSA-2025:23323)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23323 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 Tenable has extracted the preceding description bloc...

OPENSUSE-SU-2025:15839-1 python310-3.10.19-3.1 on GA media

These are all security issues fixed in the python310-3.10.19-3.1 package on the GA media of openSUSE Tumbleweed...

Security update 5.0.6 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

Security update 5.0.6 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot: Update to version 1.0.0 Reboot on salt key timeout bsc1237495 Fixed parsing files with space in the name bsc1252100 grafana was updated from version 11.5.5 to 11.5.10: Security issues fixed: CVE-2025-47911: Fix parsing HTML documents...

python3.9 security update

3.9.25-2.0.1 - Remove upstream URL reference 3.9.25-2 - Move sysconfigdatadlinux.py to the debug subpackage 3.9.25-1 - Update to Python 3.9.25 3.9.24-1 - Update to Python 3.9.24...

openSUSE 15 Security Update : python39 (SUSE-SU-2025:4433-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4433-1 advisory. Update to 3.9.25: - Security - gh-137836: Add support of the plaintext element, RAWTEXT elements xmp, iframe, noembed and noframes, and optionally RAWTEXT...

ProbeSuite

text...

ALSA-2025:23323 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

RHEL 10 : python3.12 (RHSA-2025:14984)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14984 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...

Amazon Linux 2023 : python3.13, python3.13-devel, python3.13-freethreading (ALAS2023-2025-1308)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1308 advisory. If the value passed to os.path.expandvars is user-controlled aperformance degradation is possible when expanding environmentvariables. CVE-2025-6075 Tenable has extracted the preceding description bloc...

Amazon Linux 2023 : python3.12, python3.12-devel, python3.12-idle (ALAS2023-2025-1294)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1294 advisory. If the value passed to os.path.expandvars is user-controlled aperformance degradation is possible when expanding environmentvariables. CVE-2025-6075 Tenable has extracted the preceding description bloc...

Amazon Linux 2 : python3, --advisory ALAS2-2025-3084 (ALAS-2025-3084)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3084 advisory. If the value passed to os.path.expandvars is user-controlled aperformance degradation is possible when expanding...

SUSE SLED15 / SLES15 Security Update : python313 (SUSE-SU-2025:4277-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4277-1 advisory. Update to 3.13.9: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars...

OPENSUSE-SU-2025:15792-1 python39-3.9.24-2.1 on GA media

These are all security issues fixed in the python39-3.9.24-2.1 package on the GA media of openSUSE Tumbleweed...

openSUSE 15 Security Update : python39 (SUSE-SU-2025:4221-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4221-1 advisory. Updated to 3.9.24: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validit...

Security update for python39

This update for python39 fixes the following issues: Updated to 3.9.24: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...

OPENSUSE-SU-2025:15713-1 python315-3.15.0~a1-1.1 on GA media

These are all security issues fixed in the python315-3.15.0a1-1.1 package on the GA media of openSUSE Tumbleweed...

Directory Traversal

Overview keras is a Keras is a high-level neural networks API for Python.. Affected versions of this package are vulnerable to Directory Traversal via the keras.utils.getfile API when the extract=True option is used for tar archives. An attacker can write arbitrary files to any location on the...

Amazon Linux 2 : python3, --advisory ALAS2-2025-3041 (ALAS-2025-3041)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3041 advisory. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not...

Medium: python3.11

Issue Overview: The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be...