118 matches found
Oracle Linux 9 : python3.14 (ELSA-2026-19176)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19176 advisory. - Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-5713, CVE-2026-6100 Resolves: RHEL-167918, RHEL-168160 - Security fixes for CVE-2026-2297,...
MiracleLinux 8 : python3.12-3.12.13-2.el8_10 (AXSA:2026-523:13)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-523:13 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-593...
Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2026-1618)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1618 advisory. The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control...
AlmaLinux 8 : python3.12 (ALSA-2026:10950)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:10950 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375...
Fedora 42 : python3-docs / python3.13 (2026-13c6899032)
The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-13c6899032 advisory. Update to 3.13.13 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Fedora 44 : mingw-python3 (2026-3d13d52f58)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3d13d52f58 advisory. Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 ---- Update to python-3.11.15. Tenable has...
Fedora 42 : python3.11 (2026-dd34c4467b)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dd34c4467b advisory. Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-6100, CVE-2026-2297, CVE 2026-3644, CVE-2026-4224 Tenable has extracted the preceding...
ROOT-OS-DEBIAN-13-CVE-2026-3644 CVE-2026-3644 in rootio-python3.13 - Patched by Root
Root has patched CVE-2026-3644 in the rootio-python3.13 package for Root:Debian:13. Multiple fixed versions available...
Fedora 45 : python3.12 (2026-2dfcf9d705)
The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2dfcf9d705 advisory. Automatic update for python3.12-3.12.13-3.fc45. Changelog Thu Apr 16 2026 Charalampos Stratakis - 3.12.13-3 - Security fixes for CVE-2026-1502,...
openSUSE Security Advisory (SUSE-SU-2026:1292-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-22d8c9f967)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 43 : mingw-python3 (2026-22d8c9f967)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-22d8c9f967 advisory. Update to python-3.11.15, backport fixes for CVE-2026-4519, CVE-2026-3644, CVE-2026-4224, CVE-2026-2297 ---- Update to python-3.11.15. Tenable has...
CVE-2026-3644 vulnerabilities
Vulnerabilities for packages: python...
BELL-CVE-2026-3644
Bulletin has no description...
SUSE CVE-2026-3644
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...
CVE-2026-3644
creationtimestamp| type| source ---|---|--- 2026-03-17 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0302/ 2026-03-17 13:30:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhb3er3v2c2v 2026-04-02 12:01:00+00:00| seen|...
UBUNTU-CVE-2026-3644
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...
pypdf possibly has long runtimes for malformed FlateDecode streams
Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires a malformed /FlateDecode stream, where the byte-by-byte decompression is used. Patches This has been fixed in pypdf==6.7.1. Workarounds If you cannot upgrade yet, consider applying the chang...
CVE-2020-3644
creationtimestamp| type| source ---|---|--- 2026-01-20 08:05:01+00:00| seen| https://infosec.exchange/users/certvde/statuses/115926387351405846...
CVE-2025-3644
A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify...