Astra Linux – Vulnerability in Python 3.11, Python 3.7

User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL’s media type...

Astra Linux – Vulnerability in Python 3.11, Python 3.7

When loading a plist file, the plistlib module reads data in a size specified by the file itself. This means that a malicious file can cause out-of-memory OOM and denial-of-service DoS issues...

Astra Linux – Vulnerability in Python 3.11, Python 3.7

The poplib module, when a user-controlled command is passed to it, can have additional commands injected using newlines. Mitigation rejects commands that contain control characters...

SUSE CVE-2026-41140

Poetry is a dependency manager for Python. Prior to 2.3.4, the extractall function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python versions where tarfile.datafilter is unavailable. Considering only Python versions which are still supporte...

ROOT-OS-DEBIAN-12-CVE-2025-12084 CVE-2025-12084 in rootio-python3.11 - Patched by Root

Root has patched CVE-2025-12084 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2025-6069 CVE-2025-6069 in rootio-python3.11 - Patched by Root

Root has patched CVE-2025-6069 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2025-11468 CVE-2025-11468 in rootio-python3.11 - Patched by Root

Root has patched CVE-2025-11468 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...

SUSE-SU-2026:21415-1 Security update for python311

This update for python311 fixes the following issue: - CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed bsc1261970...

RHSA-2026:10774 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.11: python3.11-3.11.15-4.2.hum1 aarch64, x8664 python3.11-debug-3.11.15-4.2.hum1 aarch64, x8664 python3.11-devel-3.11.15-4.2.hum1 aarch64, x8664 python3.11-idle-3.11.15-4.2.hum1 aarch64,...

RockyLinux 9 : python3.11 (RLSA-2026:10774)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:10774 advisory. python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules CVE-2026-6100 python: cpython: Python:...

Oracle Linux 8 : python3.11 (ELSA-2026-11062)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-11062 advisory. 3.11.13-7.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-7 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-168129,...

Oracle Linux 9 : python3.11 (ELSA-2026-10774)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10774 advisory. 3.11.13-5.3.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167913,...

python3.11 security update

3.11.13-5.3.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167913, RHEL-168155...

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVE-2026-41140 Poetry: Path traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4

Poetry is a dependency manager for Python. Prior to 2.3.4, the extractall function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python versions where tarfile.datafilter is unavailable. Considering only Python versions which are still supporte...

SUSE SLES15 Security Update : python311 (SUSE-SU-2026:1530-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1530-1 advisory. - CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined bsc1259611. - CVE-2026-3479...

RHEL 9 : python3.11 (RHSA-2026:9260)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9260 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

[SECURITY] Fedora 42 Update: python3.11-3.11.15-4.fc42

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

RHEL 9 : python3.11 (RHSA-2026:9042)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9042 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...