RockyLinux 9 : python3.12 (RLSA-2025:7107)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7107 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the RockyLin...

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

Important: python3.12-cryptography security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

RHEL 9 : python3.12 (RHSA-2025:15348)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15348 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

AlmaLinux 8 : python3.12 (ALSA-2025:14546)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14546 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the AlmaLinux security...

Oracle Linux 10 : python3.12 (ELSA-2025-14984)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14984 advisory. - Security fix for CVE-2025-8194 Resolves: RHEL-106370 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Tenable...

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Oracle Linux 8 : python3.12 (ELSA-2025-14546)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14546 advisory. 3.12.11-2 - Security fix for CVE-2025-8194 Resolves: RHEL-106343 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE-SU-2025:02982-1 Security update for python312

This update for python312 fixes the following issues: - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249...

BIT-LIBPYTHON-2024-12718 Bypass extraction filter to modify file metadata outside extraction directory

Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

Important: python3.9

Issue Overview: Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using...

DEBIAN-CVE-2024-12718

Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

UBUNTU-CVE-2024-12718

Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

python3.12-psycopg2 bug fix and enhancement update

An update is available for python3.12-psycopg2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

python3.12-iniconfig bug fix and enhancement update

An update is available for python3.12-iniconfig. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...

Medium: python3.12

Issue Overview: The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could...

RLSA-2024:9190 Moderate: python3.12 security update

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

Use of Weak Hash

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a predictable constant value in the Python 3.12 built-in hash function. An attacker can interfere with subsequent...

OPENSUSE-SU-2024:14581-1 python312-3.12.8-1.1 on GA media

These are all security issues fixed in the python312-3.12.8-1.1 package on the GA media of openSUSE Tumbleweed...