Important: Red Hat Security Advisory: Red Hat Quay 3.9.18

Red Hat Quay 3.9.18 is now available with bug fixes. Quay 3.9.18...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.1 (AXSA:2024-8484:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8484:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

EUVD-2023-36819

Malicious code in bioql PyPI...

BIT-LIBPYTHON-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

BIT-PYTHON-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

BIT-PYTHON-2024-0450 Quoted zip-bomb protection for zipfile

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

python3 security update

3.9.18-3.3 - Security fix for CVE-2024-4032 Resolves: RHEL-44106 3.9.18-3.2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40767...

OPENSUSE-SU-2024:13741-1 python39-3.9.18-5.1 on GA media

These are all security issues fixed in the python39-3.9.18-5.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13219-1 python39-3.9.18-1.1 on GA media

These are all security issues fixed in the python39-3.9.18-1.1 package on the GA media of openSUSE Tumbleweed...

CentOS 9 : python3.9-3.9.18-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python3.9-3.9.18-1.el9 build changelog. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects...

CVE-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

CVE-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

openSUSE: Security Advisory for python39 (SUSE-SU-2023:3708-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-8833 · Python +10 · Cpython +10

Name of the Vulnerable Software and Affected Versions: CPython versions 3.12.1 through 3.12.1 CPython versions 3.11.7 through 3.11.7 CPython versions 3.10.13 through 3.10.13 CPython versions 3.9.18 through 3.9.18 CPython versions 3.8.18 and prior Description: The issue is related to the...

Python < 3.8.18, 3.9.x < 3.9.18, 3.10.x < 3.10.13, 3.11.x < 3.11.5 Security Bypass Vulnerability - Windows

Python is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

Python < 3.8.18, 3.9.x < 3.9.18, 3.10.x < 3.10.13, 3.11.x < 3.11.5 Security Bypass Vulnerability - Linux

Python is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

CVE-2023-32576

Auth. subscriber+ Stored Cross-Site Scripting' vulnerability in Plainware Locatoraid Store Locator plugin = 3.9.18 versions...

CVE-2023-32576 WordPress Locatoraid Store Locator Plugin <= 3.9.18 is vulnerable to Cross Site Scripting (XSS)

Auth. subscriber+ Stored Cross-Site Scripting' vulnerability in Plainware Locatoraid Store Locator plugin = 3.9.18 versions...

CVE-2023-32576 WordPress Locatoraid Store Locator Plugin <= 3.9.18 is vulnerable to Cross Site Scripting (XSS)

Auth. subscriber+ Stored Cross-Site Scripting' vulnerability in Plainware Locatoraid Store Locator plugin = 3.9.18 versions...

WordPress plugin Locatoraid Store Locator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...