634 matches found
Important: python3.12
Issue Overview: Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using...
Python DoS Vulnerability (Jun 2025) - Linux
Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Python DoS Vulnerability (Jun 2025) - Windows
Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
CVE-2025-6069
A denial-of-service DoS vulnerability has been discovered in Python's html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource...
TencentOS Server 3: python3 (TSSA-2023:0260)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0260 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: python3 (TSSA-2023:0125)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0125 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 4: python3.12 (TSSA-2025:0173)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0173 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: python3.12 (TSSA-2025:0006)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0006 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 2: python (TSSA-2023:0275)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0275 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 4: python3.11 (TSSA-2024:0589)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0589 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: python3.11 (TSSA-2023:0212)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0212 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: python3 (TSSA-2023:0270)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0270 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Fedora 41 : python3.11 (2025-56b4c0f4c4)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-56b4c0f4c4 advisory. Update to 3.11.13. - gh-135034: CVE 2024-12718 CVE 2025-4138 CVE 2025-4330 CVE 2025-4435 CVE 2025-4517 Fixes multiple issues that allowed tarfile extraction...
Fedora 41 : python3.9 (2025-cebde6a6e3)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cebde6a6e3 advisory. Update to 3.9.23. - gh-135034: CVE 2024-12718 CVE 2025-4138 CVE 2025-4330 CVE 2025-4435 CVE 2025-4517 Fixes multiple issues that allowed tarfile extraction...
Fedora 42 : python3.9 (2025-6efe030226)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6efe030226 advisory. Update to 3.9.23. - gh-135034: CVE 2024-12718 CVE 2025-4138 CVE 2025-4330 CVE 2025-4435 CVE 2025-4517 Fixes multiple issues that allowed tarfile extraction...
AlmaLinux 8 : python36:3.6 (ALSA-2025:8419)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8419 advisory. python-pymongo: Out-of-bounds read in bson module CVE-2024-5629 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...
AZL-62322 CVE-2025-4138 affecting package python3 for versions less than 3.9.19-14
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...
CVE-2024-12718
Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...
CVE-2025-4138
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...
RHEL 8 : python36:3.6 (RHSA-2025:8419)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8419 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...