28 matches found
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1376)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1256)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-5642 vulnerabilities
Vulnerabilities for packages: python...
RockyLinux 9 : python3.9 (RLSA-2025:23342)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23342 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 cpython: Python HTMLParser quadratic complexity...
RHEL 8 : python39:3.9 (RHSA-2025:23530)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23530 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
RHEL 9 : python3.9 (RHSA-2025:23342)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23342 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
OESA-2025-2638 python3 security update
Security Fixes: CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity d...
SUSE: Security Advisory (SUSE-SU-2024:2982-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2024-5642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This...
Medium: python3
Issue Overview: CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due ...
Medium: python
Issue Overview: CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due ...
openSUSE Security Advisory (SUSE-SU-2024:3470-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:3470-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3470-1 Security update for python3
This update for python3 fixes the following issues: - CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module bsc1228780. - CVE-2024-5642: Fixed buffer overread when NPN is used and invalid values are sent to the OpenSSL API bsc1227233. - CVE-2024-7592: Fixed Email...
SUSE: Security Advisory (SUSE-SU-2024:3353-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12: libpython3_6m1_0 / libpython3_6m1_0-32bit / python36 / etc (SUSE-SU-2024:3353-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3353-1 advisory. - CVE-2024-5642: Fixed invalid value sent to underlying OpenSSL API may cause a buffer overread when NPN is used bsc1227233 Tenable has...
SUSE-SU-2024:3353-1 Security update for python36
This update for python36 fixes the following issues: - CVE-2024-5642: Fixed invalid value sent to underlying OpenSSL API may cause a buffer overread when NPN is used bsc1227233...
SUSE-SU-2024:3351-1 Security update for python3
This update for python3 fixes the following issues: - CVE-2024-5642: buffer overread when NPN is used and invalid values are sent to the OpenSSL API. bsc1227233...
openSUSE Security Advisory (SUSE-SU-2024:3076-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: libpython3_9-1_0 / libpython3_9-1_0-32bit / python39 / etc (SUSE-SU-2024:3076-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3076-1 advisory. Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines bsc1228780 -...