Linux Distros Unpatched Vulnerability : CVE-2024-8946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the...

Linux Distros Unpatched Vulnerability : CVE-2024-8947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file...

Fedora 42 : micropython (2025-90c7a763fe)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-90c7a763fe advisory. Update to 1.25.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Fedora 43 : micropython (2025-4f95f160be)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4f95f160be advisory. Automatic update for micropython-1.25.0-1.fc43. Changelog Fri May 9 2025 Charalampos Stratakis - 1.25.0-1 - Update to 1.25.0 - Security fixes for...

Fedora: Security Advisory (FEDORA-2025-36c626e871)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-81b8dc2197)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-9f2a705459)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-90c7a763fe)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: micropython-1.25.0-1.fc41

Implementation of Python 3 with very low memory footprint...

[SECURITY] Fedora 42 Update: micropython-1.25.0-1.fc42

Implementation of Python 3 with very low memory footprint...

Fedora 41 : micropython (2025-36c626e871)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-36c626e871 advisory. Update to 1.25.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Ubuntu: Security Advisory (USN-7472-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7472-1 micropython vulnerabilities

Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled the length of a buffer in mpvfsumount, leading to a heap-based buffer overflow vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to...

USN-7472-1: Micropython vulnerabilities

Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled the length of a buffer in mpvfsumount, leading to a heap-based buffer overflow vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Micropython vulnerabilities (USN-7472-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7472-1 advisory. Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled the length of a buffer in mpvfsumount, leading...

Fedora 41 : micropython (2024-cd5c1dfa94)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-cd5c1dfa94 advisory. Update to 1.23.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Fedora 41 : micropython (2024-9f2a705459)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9f2a705459 advisory. Automatic update for micropython-1.22.2-1.fc41. Changelog Fri Mar 22 2024 Charalampos Stratakis - 1.22.2-1 - Update to 1.22.2 - Security fixes for...

Use After Free

MicroPython is vulnerable to a Use-After-Free. The vulnerability is due to improper memory handling in the objarray component, where resizing a bytes object and copying it into itself can result in references to freed memory, potentially allowing remote exploitation...

Heap-Based Buffer Overflow

MicroPython is vulnerable to a Heap-based buffer overflow. The vulnerability is due to improper string length comparison during the VFS unmount process in the mpvfsumount function, which allows a remote attacker to trigger a heap buffer overflow read by supplying a crafted unmount path...

Heap-Based Buffer Overflow

MicroPython is vulnerable to a heap-based buffer overflow. The vulnerability is due to improper handling in the mpzasbytes function of the objint component when converting a zero integer to bytes, which allows an attacker to trigger a heap buffer overflow write and potentially execute malicious...