01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +57 more potentially affected by CVE-2024-46455 via unstructured (>=0.10.10 <=0.14.2)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.1.0 and more Source cves: CVE-2024-46455 Source advisory: SNYK:PYTHON-UNSTRUCTURED-8492724...

CVE-2024-12254

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python 3.12.0 and later, which stems from the fact that the...

RHEL 9 : python3.11-urllib3 (RHSA-2024:9922)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9922 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3:...

USN-7116-1: Python vulnerability

It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Python vulnerability (USN-7116-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7116-1 advisory. It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control...

Important: python3

Issue Overview: There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. CVE-2024-6232 Affected Packages: python3 Note: This advisory is...

Fedora 37 : python3.6 (2022-fbf6a320fe)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-fbf6a320fe advisory. Security fix for CVE-2022-45061: CPU denial of service via inefficient IDNA decoder Tenable has extracted the preceding description block directly from the...

Fedora 37 : python3.8 (2022-18b234c18b)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-18b234c18b advisory. Update to 3.8.16 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

PrivateGPT 操作系统命令注入漏洞

PrivateGPT is an AI project open-sourced by Zylon. An operating system command injection vulnerability exists in PrivateGPT version 0.3.0 and earlier, which stems from the presence of a Python command injection vulnerability that could allow an attacker to execute arbitrary commands on the system...

Fedora 40 : python3.6 (2024-c8cc025262)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c8cc025262 advisory. Security fix for CVE-2024-9287 rhbz2321659 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Python 代码问题漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A code issue vulnerability exists in Python that stems from the urllib.parse.urlsplit function and the urlparse...

RHEL 8 : python3.11 (RHSA-2024:8838)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8838 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Amazon Linux 2 : python (ALAS-2024-2686)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2686 advisory. The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion o...

Amazon Linux 2 : python3 (ALAS-2024-2687)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2687 advisory. The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion ...

RHEL 7 : python3 (RHSA-2024:8490)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8490 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

The vulnerability of the mkdtemp function in the Python programming language allows attackers to exploit their privileges.

The vulnerability of the mkdtemp function in the Python programming language is related to the incorrect use of standard resolutions. Exploiting this vulnerability can allow attackers to increase their privileges...

actinia-core (>=4.11.0 <=4.14.1), admetica (>=1.3.0 <=1.4.1) +231 more potentially affected by CVE-2024-49766 via werkzeug (>=3.0.0 <=3.0.4)

werkzeug PYPI version =3.0.0, =4.11.0, =1.3.0, =0.1.1, =0.1.0, =0.0.3.20, =0.9.9, =2024.7.18.1, =0.0.1, =0.0.12, =1.9.0, =3.2.2, =3.4.3 and more Source cves: CVE-2024-49766 Source advisory: SNYK:PYTHON-WERKZEUG-8309091...

ROS-20241017-18

Vulnerability in the 'http.cookies' standard library module of the Python programming language interpreter CPython is related to inefficient regular expression complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Ubuntu 14.04 LTS : Python vulnerability (USN-7015-4)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7015-4 advisory. USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2023-27043 for python2.7 and python3.5 in Ubuntu 14.04...