GHSA-73H3-MF4W-8647 Poetry has Path Traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4

Summary The extractall function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python versions where tarfile.datafilter is unavailable. Considering only Python versions which are still supported by Poetry, these are 3.10.0 - 3.10.12 and 3.11.0 ...

RHSA-2026:9591 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

RHSA-2026:9260 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

Important: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHSA-2026:9042 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.11: python3.11-3.11.15-4.hum1 aarch64, x8664 python3.11-debug-3.11.15-4.hum1 aarch64, x8664 python3.11-devel-3.11.15-4.hum1 aarch64, x8664 python3.11-idle-3.11.15-4.hum1 aarch64, x8664...

python311-Django-5.2.13-1.1 on GA media (moderate)

python311-Django-5.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2026:10567-1 Rating: moderate Cross-References: CVE-2026-33033 CVE-2026-33034 CVE-2026-3902 CVE-2026-4277 CVE-2026-4292 CVSS scores: CVE-2026-33033 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-33033 SUSE : 6....

RockyLinux 8 : python3.11 (RLSA-2026:6281)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:6281 advisory. python: Python: Command-line option injection in webbrowser.open via crafted URLs CVE-2026-4519 Tenable has extracted the preceding description block directly fro...

RHSA-2026:6286 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

Oracle Linux 9 : python3.11 (ELSA-2026-6286)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6286 advisory. 3.11.13-5.2.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158050 Tenable has extracted the...

SUSE-SU-2026:20951-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting bsc1257181. - CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader bsc1259240...

python3.11 security update

3.11.13-6.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-6 - Security fix for CVE-2026-4519 Resolves: RHEL-158028...

ALSA-2026:6286 Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.11: python3.11-3.11.15-2.hum1 aarch64, x8664 python3.11-debug-3.11.15-2.hum1 aarch64, x8664 python3.11-devel-3.11.15-2.hum1 aarch64, x8664 python3.11-idle-3.11.15-2.hum1 aarch64, x8664...

Fedora: Security Advisory (FEDORA-2026-a0b1d4b9fa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 44 : python3.11 (2026-5e63b7a761)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5e63b7a761 advisory. Security fix for CVE-2026-4519. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Moderate: Red Hat Security Advisory: python3.11 security update

An update for python3.11 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...

Fedora 43 : python3.11 (2026-29658d2f4b)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-29658d2f4b advisory. Update to 3.11.15 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

AlmaLinux 9 : python3.11 (ALSA-2026:4216)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4216 advisory. cpython: IMAP command injection in user-controlled commands CVE-2025-15366 cpython: POP3 command injection in user-controlled commands CVE-2025-15367...

RockyLinux 8 : python3.11 (RLSA-2026:4473)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4473 advisory. cpython: wsgiref.headers.Headers allows header newline injection in Python CVE-2026-0865 cpython: IMAP command injection in user-controlled commands...