SUSE SLED15 / SLES15 Security Update : python311 (SUSE-SU-2026:2298-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2298-1 advisory. - CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Tenable has extracted the preceding...

CVE-2026-11816

Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in keras/src/utils/fileutils.py. The functions filtersafetarinfos and filtersafezipinfos validate archive member paths against the process current working directory CWD instead of t...

CVE-2026-11816

CVE-2026-11816 affects Keras

Security update for python311

This update for python311 fixes the following issues: CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

SUSE-SU-2026:2257-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

SUSE-SU-2026:2256-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

SUSE-SU-2026:2255-1 Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 - CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer...

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

RHSA-2026:19175 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

RHSA-2026:18957 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

Astra Linux - уязвимость в python3.11

When using http.cookies.Morsel, user-controlled cookie values and parameters may allow the injection of HTTP headers into messages. The patch rejects all control characters within cookie names, values, and parameters...

Astra Linux - уязвимость в python3.11, python3.7

The email module, specifically the “BytesGenerator” class, did not properly quote newlines for email headers when serializing an email message. This issue occurs only when using “LiteralHeader” to write headers that do not follow email folding rules. The new behavior will reject incorrectly folde...

Astra Linux - уязвимость в python3.11

It allows the extraction filter to be ignored, enabling symlink targets to point outside the destination directory, and modifying some file metadata. This vulnerability affects users who use the TarFile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract, with the...

CLSA-2026-1778613560 python3.11: Fix of 2 CVEs

CVE-2025-15282: reject control characters in data: URL mediatypes - CVE-2025-11468: preserve parens when folding email comments to prevent header injection...

RHSA-2026:14652 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

RHSA-2026:14653 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

RHEL 9 : python3.11 (RHSA-2026:14653)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14653 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

OPENSUSE-SU-2026:10708-1 python311-Django4-4.2.30-2.1 on GA media

These are all security issues fixed in the python311-Django4-4.2.30-2.1 package on the GA media of openSUSE Tumbleweed...

RHEL 9 : python3.11 (RHSA-2026:13692)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13692 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...