
848 matches found

Amazon
added 2025/12/08 12:0 a.m. | 3 views

Low: python3.9

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.9 Issue Correction: Run dnf update python3.9 --releasever 2023.9.20251208 or dnf update --advisory...

5.5 CVSS | 6.5 AI score | 0.00021 EPSS
Exploits: 0
Amazon
added 2025/12/08 12:0 a.m. | 2 views

Low: python3.11

Issue Overview: If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. CVE-2025-6075 Affected Packages: python3.11 Issue Correction: Run dnf update python3.11 --releasever 2023.9.20251208 or dnf update --advisory...

5.5 CVSS | 6.5 AI score | 0.00021 EPSS
Exploits: 0
Fedora
added 2025/12/02 1:34 a.m. | 6 views

[SECURITY] Fedora 42 Update: mingw-python3-3.11.14-3.fc42

MinGW Windows python3...

5.5 CVSS | 6.7 AI score | 0.00021 EPSS
Exploits: 0
Fedora
added 2025/12/02 12:50 a.m. | 4 views

[SECURITY] Fedora 43 Update: mingw-python3-3.11.14-3.fc43

MinGW Windows python3...

5.5 CVSS | 6.7 AI score | 0.00021 EPSS
Exploits: 0
OSV
added 2025/12/01 7:4 p.m. | 3 views

CLSA-2025-1764615456 Update of python3.11-setuptools

CVE:2025-47273: fix path traversal in PackageIndex.download leading to arbitrary file write...

5.9 AI score
Exploits: 0 | References: 1
OSV
added 2025/11/26 8:22 p.m. | 1 views

USN-7886-2 python3.13 vulnerabilities

USN-7886-1 fixed vulnerabilities in Python. This update provides the corresponding updates for python3.13 in Ubuntu 25.04 and Ubuntu 25.10. Original advisory details: It was discovered that Python inefficiently handled expanding system environment variables. An attacker could possibly use this...

5.5 CVSS | 6.5 AI score | 0.00125 EPSS
Exploits: 0 | References: 3
OSV
added 2025/11/26 1:44 p.m. | 1 views

SUSE-SU-2025:4258-1 Security update for python312

This update for python312 fixes the following issues: Update to 3.12.12: - CVE-2025-6075: Fixed quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Other...

5.5 CVSS | 5.8 AI score | 0.00125 EPSS
Exploits: 0 | References: 5
SUSE Linux
added 2025/11/26 1:43 p.m. | 4 views

Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...

4.8 CVSS | 6.9 AI score | 0.00125 EPSS
Exploits: 0 | References: 8
Tenable Nessus
added 2025/11/25 12:0 a.m. | 2 views

Photon OS 5.0: Python3 PHSA-2025-5.0-0688

An update of the python3 package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0688. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...

6.1 CVSS | 6.5 AI score | 0.00079 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2025/11/20 12:0 a.m. | 5 views

TencentOS Server 4: python3.12 (TSSA-2025:0625)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0625 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.4 CVSS | 7.1 AI score | 0.01012 EPSS
Exploits: 14 | References: 7
Tenable Nessus
added 2025/11/20 12:0 a.m. | 6 views

TencentOS Server 4: python3.12 (TSSA-2025:0530)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0530 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

5.9 CVSS | 6.5 AI score | 0.00209 EPSS
Exploits: 0 | References: 2
IBM Security Bulletins
added 2025/11/17 6:40 a.m. | 9 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses openjdk 17.0.14 and Python 3.11.11 which is vulnerable to CVEs listed in Summary.

Summary: IBM Maximo Application Suite - Manage Component uses openjdk 17.0.14 which is vulnerable to CVE-2025-21587, CVE-2025-30698, CVE-2025-2900 and Python 3.11.11 which is vulnerable to CVE-2025-4435, CVE-2024-12718, CVE-2025-4330, CVE-2025-45. This bulletin contains information regarding the...

7.4 CVSS | 6.5 AI score | 0.00167 EPSS
Exploits: 0 | Affected Software: 1
OSV
added 2025/11/12 9:29 p.m. | 6 views

MGASA-2025-0280 Updated python3 packages fix security vulnerabilities

URL parser allowed square brackets in domain names. CVE-2025-0938 Mishandling of comma during folding and unicode-encoding of email headers. CVE-2025-1795 Virtual environment venv activation scripts don't quote paths. CVE-2024-9287 Use-after-free in "unicodeescape" decoder with error handler...

9.4 CVSS | 6.9 AI score | 0.01639 EPSS
Exploits: 14 | References: 10
Mageia
added 2025/11/12 9:29 p.m. | 5 views

Updated python3 packages fix security vulnerabilities

URL parser allowed square brackets in domain names. CVE-2025-0938 Mishandling of comma during folding and unicode-encoding of email headers. CVE-2025-1795 Virtual environment venv activation scripts don't quote paths. CVE-2024-9287 Use-after-free in "unicodeescape" decoder with error handler...

9.4 CVSS | 7.1 AI score | 0.01639 EPSS
Exploits: 14 | References: 9
OpenVAS
added 2025/11/12 12:0 a.m. | 4 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2339)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

9.4 CVSS | 7.3 AI score | 0.01012 EPSS
Exploits: 14 | References: 4
Tenable Nessus
added 2025/11/12 12:0 a.m. | 6 views

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2025-2339)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some fil...

9.4 CVSS | 7.3 AI score | 0.01012 EPSS
Exploits: 14 | References: 6
OPENSUSE Linux
added 2025/11/08 12:0 a.m. | 7 views

python315-3.15.0~a1-1.1 on GA media (moderate)

python315-3.15.0a1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15713-1 Rating: moderate Cross-References: CVE-2011-3389 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-1752 CVE-2013-4238 CVE-2014-2667 CVE-2014-4650 CVE-2019-20907 CVE-2019-5010 CVE-2019-9947 CVE-2020-10735 CVE-2020-15523...

8.2 CVSS | 9.1 AI score | 0.91789 EPSS
Exploits: 31
OpenVAS
added 2025/10/28 12:0 a.m. | 2 views

Fedora: Security Advisory (FEDORA-2025-7f2c510349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

6.3 CVSS | 6.8 AI score | 0.01639 EPSS
Exploits: 0 | References: 3
OpenVAS
added 2025/10/28 12:0 a.m. | 1 views

Fedora: Security Advisory (FEDORA-2025-e0b960f5d0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

6.3 CVSS | 6.8 AI score | 0.01639 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2025/10/28 12:0 a.m. | 0 views

Photon OS 5.0: Python3 PHSA-2025-5.0-0657

An update of the python3 package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0657. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...

7.5 CVSS | 6.8 AI score | 0.01007 EPSS
Exploits: 0 | References: 2