27 matches found
MiracleLinux 9 : python3.11-3.11.13-5.3.el9_7 (AXSA:2026-521:09)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-521:09 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...
[SECURITY] [DLA 4532-1] python3.9 regression and security update
Debian LTS Advisory DLA-4532-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout April 15, 2026 https://wiki.debian.org/LTS -...
Important: python3.11 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
RHEL 9 : python3.9 (RHSA-2026:4168)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4168 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
[SECURITY] Fedora 43 Update: python3.11-3.11.14-5.fc43
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...
python3.12 security update
3.12.12-4.0.1 - Remove upstream URL reference 3.12.12-4 - Release bump to correct the build for wrong release Related: RHEL-141026 3.12.12-3 - Security fix for CVE-2025-13836 Resolves: RHEL-141026 3.12.12-2 - Security fix for CVE-2025-12084 Resolves: RHEL-135399...
DLA-4445-1 python3.9 - security update
Bulletin has no description...
RHEL 10 : python3.12 (RHSA-2025:14984)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14984 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...
SUSE SLED15 / SLES15 Security Update : python313 (SUSE-SU-2025:4277-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4277-1 advisory. Update to 3.13.9: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars...
Security update for python39
This update for python39 fixes the following issues: Updated to 3.9.24: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...
reflected-xss-poc
Reflected XSS PoC Description: This repository contains...
RHEL 8 : python3 (RHSA-2025:16151)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16151 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...
Moderate: Red Hat Security Advisory: python39:3.9 security update
An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated...
RHEL 8 : python39:3.9 (RHSA-2025:15411)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15411 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the tarfile module's extraction process when using the extractall or extract functions with the filter parameter set to "data" or "tar". An attacker can cause files or symlinks to be created outside the intended...
Important: python3.12
Issue Overview: Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the...
PT-2024-23581 · Unknown +1 · Ros Python Version +1
Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 versions 2 through 2, ROS PYTHON VERSION 3 Description: An arbitrary file upload issue has been discovered, allowing attackers to execute arbitrary code, cause a denial of service DoS, and obtain sensitive...
PT-2024-23559 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Iron Irwini versions where ROS VERSION is 2 and ROS PYTHON VERSION is 3 Description: A Denial-of-Service DoS issue exists, allowing a malicious user to remotely crash ROS2 nodes, causing a denial of service. The flaw leads to unexpected...
PT-2024-23570 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Galactic Geochelone versions where ROS VERSION is 2 and ROS PYTHON VERSION is 3 Description: An unauthorized node injection issue allows remote attackers to escalate privileges. Recommendations: For ROS2 Galactic Geochelone versions wher...
PT-2024-23565 · Ros2 · Ros2
Name of the Vulnerable Software and Affected Versions: ROS2 Iron Irwini versions ROS VERSION 2 and ROS PYTHON VERSION 3 Description: A buffer overflow issue has been found in the C++ components, allowing attackers to execute arbitrary code or cause a Denial of Service DoS via improper handling of...