1530 matches found
CVE-2025-4516 vulnerabilities
Vulnerabilities for packages: python...
GHSA-J8R3-CGHJ-9JHG vulnerabilities
Vulnerabilities for packages: python...
[SECURITY] Fedora 41 Update: maturin-1.8.6-1.fc41
Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python packages...
[SECURITY] Fedora 42 Update: maturin-1.8.6-1.fc42
Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python packages...
academic-chatgpt (>=0.3.0 <=0.4.1), ace-step (=0.1.0) +351 more potentially affected by CVE-2025-48889 via gradio (>=1.7.7 <=5.29.1)
gradio PYPI version =1.7.7, =0.3.0, =0.2.1, =0.1.5, =0.0.6, =0.0.1, =0.1.0, =0.8.11, =0.4.0, =0.0.4, =0.1.1, =0.7.0.dev134, =0.7.0.dev143 and more Source cves: CVE-2025-48889 Source advisory: OSV:GHSA-8JW3-6X8J-V96G...
Fedora: Security Advisory (FEDORA-2024-05dedb1a53)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2025-e911f71d99)
The remote host is missing an update for the...
alaas (>=0.1.6 <=0.2.1), annlite (>=0.3.14 <=0.4.0) +68 more potentially affected by CVE-2025-5150 via docarray (>=0.12.9 <=0.41.0)
docarray PYPI version =0.12.9, =0.1.6, =0.3.14, =0.0.3, =0.1.0, =0.1.0, =0.1.7, =0.3.9, =0.3.9, =0.5.2, =0.3.9, =0.3.9, =0.5.2, =0.3.9, =0.3.7, =0.3.7.post0 and more Source cves: CVE-2025-5150 Source advisory: SNYK:PYTHON-DOCARRAY-10246594...
CVE-2022-42043
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0...
Attackers Abuse TikTok and Instagram APIs
It must be the season for API security incidents. Hot on the heels of a developer leaking an API key for private Tesla and SpaceX LLMs, researchers have now discovered a set of tools for validating account information via API abuse, leveraging undocumented TikTok and Instagram APIs. The tools, an...
aaiopay (>=0.2.1 <=0.2.2), abc-xml-converter (>=1.0.0 <=1.0.1) +4009 more potentially affected by CVE-2025-47273 via setuptools (>=15.2.0 <=78.1.0)
setuptools PYPI version =15.2.0, =0.2.1, =1.0.0, =0.0.1, =0.1.18, =0.0.1, =0.1.0, =0.1.0, =0.2.6, =0.0.1, =1.6.0, =3.0.1 and more Source cves: CVE-2025-47273 Source advisory: OSV:PYSEC-2025-49...
AZL-62438 CVE-2025-47273 affecting package setuptool 1.19.11-23
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with...
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +132 more potentially affected by CVE-2025-32962 via flask-appbuilder (>=4.1.2 <=4.5.4)
flask-appbuilder PYPI version =4.1.2, =0.9.5.1rc1, =1.4.0.3.post4, =1.4.0.3.post3, =0.2.1, =0.4.0, =0.1.0a1, =0.8.2, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2025-32962 Source advisory: SNYK:PYTHON-FLASKAPPBUILDER-10182215...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2025-47774 via vyper (>=0.1.0b12 <=0.4.1)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.21.0 and more Source cves: CVE-2025-47774 Source advisory: OSV:GHSA-3VCG-J39X-CWFM...
ape-dasy (=0.1.0), avotes-parser-cli (>=0.5.5.post5 <=0.5.6) +7 more potentially affected by CVE-2025-47285 via vyper (>=0.3.9 <=0.4.1)
vyper PYPI version =0.3.9, =0.5.5.post5, =0.5.5.post4, =1.20.7, =0.0.1, =0.3.4, =0.8.31, =0.0.9, =3.4.7, =4.6.1 Source cves: CVE-2025-47285 Source advisory: SNYK:PYTHON-VYPER-10183408...
Oracle Linux 8 : python39:3.9 (ELSA-2025-4791)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4791 advisory. modwsgi 4.7.1-7.1 - Resolves: RHEL-87514 - CVE-2022-2255 python39:3.9/modwsgi: Trusted Proxy Headers Removing Bypass numpy python39 python3x-pip...
RHEL 8 : python39:3.9 (RHSA-2025:4791)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4791 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
python27:2.7 security update
An update is available for module.python-sqlalchemy, python-markupsafe, PyYAML, pytz, module.python-setuptoolsscm, python-docutils, python2, module.python-ipaddress, scipy, module.python-docutils, module.python-urllib3, python-mock, numpy, module.python-py, module.python-backports, python-chardet...