99 matches found
RockyLinux 8 : python3 (RLSA-2025:14560)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:14560 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the RockyLinux security...
CLSA-2026-1777944042 Fix CVE(s): CVE-2025-8194, CVE-2026-4519, CVE-2026-4786
SECURITY UPDATE: tarfile DoS via negative member offsets - debian/patches/CVE-2025-8194.patch: validate that member offsets are non-negative in Lib/tarfile.py. - CVE-2025-8194 SECURITY UPDATE: webbrowser.open accepts URLs with leading dashes - debian/patches/CVE-2026-4519-CVE-2026-4786.patch:...
Oracle Linux 7 : python3 (ELSA-2026-6464)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6464 advisory. - Security update CVE-2025-15366, CVE-2025-15367, CVE-2026-1299 Orabug: 39159999 - Security update CVE-2025-12084 Orabug: 38971895 - tarfile now...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.5)
The version of AHV installed on the remote host is prior to AHV-10.0.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.5 advisory. - A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata...
CLSA-2026-1772576551 python: Fix of CVE-2025-8194
CVE-2025-8194: tarfile now validates archives to ensure member offsets are non-negative...
SUSE: Security Advisory (SUSE-SU-2026:20125-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MiracleLinux 8 : python3.12-3.12.11-2.el8_10 (AXSA:2025-10803:10)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10803:10 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 8 : python39:3.9 (AXSA:2025-10818:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10818:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 cpython: Cpython infinite loop when parsing a tarfile...
MiracleLinux 7 : python3-3.6.8-21.0.5.0.1.el7.AXS7 (AXSA:2025-11016:07)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11016:07 advisory. Bump package Release to 21.0.5 CVE-2025-8194: tarfile: validate archives to ensure member offsets are non-negative CVEs: CVE-2025-8194 There is a defect in...
MiracleLinux 8 : python3-3.6.8-71.el8_10.ML.1 (AXSA:2025-10807:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10807:03 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 8 : python3.11-3.11.13-2.el8_10 (AXSA:2025-10802:08)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10802:08 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : python3.9-3.9.21-2.el9_6.2 (AXSA:2025-10822:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10822:03 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2628)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 10 : python3.12 (RHSA-2025:14984)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14984 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2469)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2025-1763033941 python: Fix of CVE-2025-8194
CVE-2025-8194: fix infinite loop and deadlock in TarFile extraction and entry enumeration APIs...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2370)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2339)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2025-1760982776 python3: Fix of CVE-2025-8194
Bump package Release to 21.0.5 - CVE-2025-8194: tarfile: validate archives to ensure member offsets are non-negative...
Fedora: Security Advisory (FEDORA-2025-72bbdc5a1e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...