
634 matches found

Tenable Nessus
added 2025/08/21 12:0 a.m. | 4 views

TencentOS Server 4: python3.11 (TSSA-2025:0531)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0531 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 5.9 | AI score 6.5 | EPSS 0.00169
Exploits: 0 | References: 2

IBM AIX
added 2025/08/20 8:31 a.m. | 10 views

AIX/VIOS is affected by arbitrary code execution (CVE-2025-47273 CVE-2025-4330 CVE-2024-12718 CVE-2025-4138 CVE-2025-4517) due to Python

IBM SECURITY ADVISORY First Issued: Wed Aug 20 08:31:06 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/pythonadvisory16.asc Security Bulletin: AIX is affected by arbitrary code execution CVE-2025-47273, CVE-2025-4330,...

CVSS 9.4 | AI score 7.5 | EPSS 0.01428
Exploits: 18

OSV
added 2025/08/11 1:52 p.m. | 3 views

BIT-LIBPYTHON-2023-24329

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...

CVSS 7.5 | AI score 7 | EPSS 0.20459
Exploits: 3 | References: 30

OSV
added 2025/08/11 1:52 p.m. | 4 views

BIT-LIBPYTHON-2022-48565

An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities...

CVSS 9.8 | AI score 7.1 | EPSS 0.04303
Exploits: 3 | References: 8

OSV
added 2025/08/11 1:51 p.m. | 2 views

BIT-LIBPYTHON-2020-14422

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...

CVSS 5.9 | AI score 6.8 | EPSS 0.12706
Exploits: 0 | References: 25

OSV
added 2025/08/11 1:51 p.m. | 3 views

BIT-LIBPYTHON-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are no...

CVSS 7.5 | AI score 6.5 | EPSS 0.03072
Exploits: 0 | References: 30

Positive Technologies
added 2025/08/05 12:0 a.m. | 3 views

PT-2025-31960 · Undefined · Undefined

📢BREAKING: CVE-2025-02701 Python vuln CVSS 6.8 patched in SUSE. Local privilege escalation risk! 🔐 Patch guide ⚠️ Container impact analysis. 📉 Compliance stats . Read more: 👉 https://t.co/X2STlybkx2 https://t.co/mF9A2QGv6o...

AI score 7
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/04 12:0 a.m. | 6 views

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2025-1090)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1090 advisory. The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service. CVE-2025-6069 Tenable has...

CVSS 4.3 | AI score 5.8 | EPSS 0.00462
Exploits: 0 | References: 4

OpenVAS
added 2025/07/30 12:0 a.m. | 3 views

Python DoS Vulnerability (Jul 2025) - Linux

Python is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

CVSS 7.5 | AI score 7.1 | EPSS 0.00586
Exploits: 0 | References: 7

OSV
added 2025/07/25 9:47 a.m. | 2 views

SUSE-SU-2025:02523-1 Security update for python

This update for python fixes the following issues: - CVE-2025-6069: Fixed worst case quadratic complexity that can lead to amplified DoS. bsc1244705...

CVSS 4.3 | AI score 7.1 | EPSS 0.00462
Exploits: 0 | References: 3

Tenable Nessus
added 2025/07/23 12:0 a.m. | 2 views

SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2025:02460-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02460-1 advisory. - CVE-2025-6069: Fixed worst case quadratic complexity that can lead to amplified DoS. bsc1244705 Tenable has extracted the preceding...

CVSS 4.3 | AI score 5.8 | EPSS 0.00462
Exploits: 0 | References: 4

OSV
added 2025/07/22 5:48 a.m. | 3 views

SUSE-SU-2025:02460-1 Security update for python

This update for python fixes the following issues: - CVE-2025-6069: Fixed worst case quadratic complexity that can lead to amplified DoS. bsc1244705...

CVSS 4.3 | AI score 5.9 | EPSS 0.00462
Exploits: 0 | References: 3

Tenable Nessus
added 2025/07/19 12:0 a.m. | 11 views

Azure Linux 3.0 Security Update: python3 (CVE-2024-12718)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12718 advisory. - Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with...

CVSS 5.3 | AI score 6.8 | EPSS 0.00607
Exploits: 1 | References: 2

Tenable Nessus
added 2025/07/15 12:0 a.m. | 4 views

RHEL 8 : python3.11-setuptools (RHSA-2025:11043)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11043 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

CVSS 8.8 | AI score 7.2 | EPSS 0.01428
Exploits: 4 | References: 5

Positive Technologies
added 2025/07/12 12:0 a.m. | 2 views

PT-2025-29336 · Undefined · Undefined

🚨 Urgent Security Alert for SUSE Linux Users! A critical Python 3.6 vulnerability CVE-2025-02297 could allow hackers to take control of your systems. Patch now or risk a breach! Read more: 👉 https://t.co/SQf5nrtP2S CyberSecurity Linux Python https://t.co/KhfXC8zq7o...

AI score 6.8
Exploits: 0 | References: 1

OSV
added 2025/07/11 12:17 p.m. | 3 views

OESA-2025-1758 jython security update

Jython is an implementation of the high-level, dynamic, object-oriented language Python seamlessly integrated with the Java platform. The predecessor to Jython, JPython, is certified as 100% Pure Java. Jython is freely available for both commercial and non-commercial use and is distributed with...

CVSS 4.3 | AI score 6.5 | EPSS 0.00462
Exploits: 0 | References: 2

OSV
added 2025/07/10 9:2 a.m. | 11 views

BIT-PYTHON-MIN-2025-4138 Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

CVSS 7.5 | AI score 8.2 | EPSS 0.01109
Exploits: 7 | References: 13

Tenable Nessus
added 2025/07/10 12:0 a.m. | 21 views

Amazon Linux 2 : python (ALAS-2025-2911)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2911 advisory. The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially...

CVSS 4.3 | AI score 5.8 | EPSS 0.00462
Exploits: 0 | References: 4

IBM Security Bulletins
added 2025/06/25 8:0 a.m. | 15 views

Security Bulletin: IBM Maximo Application Suite - Iot Component uses axios 1.7.9 and Python-3.8.17 which is vulnerable to CVE-2023-40217, CVE-2024-6232, CVE-2022-40897, CVE-2024-6345, CVE-2023-5752 and CVE-2025-27152

Summary IBM Maximo Application Suite - Iot Component uses axios 1.7.9 and Python-3.8.17 which is vulnerable to CVE-2023-40217, CVE-2024-6232, CVE-2022-40897, CVE-2024-6345, CVE-2023-5752 and CVE-2025-27152. This bulletin contains information regarding the vulnerability and its fixture...

CVSS 8.7 | AI score 8.8 | EPSS 0.02617
Exploits: 5 | Affected Software: 1

IBM Security Bulletins
added 2025/06/25 7:57 a.m. | 10 views

Security Bulletin: IBM Maximo Application Suite - Iot Component uses axios 1.7.9 and Python-3.8.17 which is vulnerable to CVE-2023-40217, CVE-2024-6232, CVE-2022-40897, CVE-2024-6345, CVE-2023-5752 and CVE-2025-27152

Summary IBM Maximo Application Suite - Iot Component uses axios 1.7.9 and Python-3.8.17 which is vulnerable to CVE-2023-40217, CVE-2024-6232, CVE-2022-40897, CVE-2024-6345, CVE-2023-5752 and CVE-2025-27152. This bulletin contains information regarding the vulnerability and its fixture...

CVSS 8.7 | AI score 8.8 | EPSS 0.02617
Exploits: 5 | Affected Software: 1