Azure Linux 3.0 Security Update: python3 / tensorflow (CVE-2024-8088)

The version of python3 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8088 advisory. - There is a HIGH severity vulnerability affecting the CPython zipfile module affecting...

CLSA-2026-1769020780 python3.9: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

AZL-75044 CVE-2026-0672 affecting package python3 for versions less than 3.9.19-18

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...

CLSA-2026-1768911433 python3.11: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

MiracleLinux 9 : python3.9-3.9.14-1.el9.2 (AXSA:2023-5191:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5191:01 advisory. Python: CPU denial of service via inefficient IDNA decoder CVE-2022-45061 Tenable has extracted the preceding description block directly from the MiracleLinu...

CentOS 9 : python3.9-3.9.25-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python3.9-3.9.25-3.el9 build changelog. - When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2023-6552:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6552:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python36:3.6 (AXSA:2024-9397:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9397:01 advisory. virtualenv: potential command injection via virtual environment activation scripts CVE-2024-53899 Tenable has extracted the preceding description block...

Debian dla-4445 : idle-python3.9 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4445 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4445-1 [email protected]...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.6 (AXSA:2024-8947:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8947:06 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : python3.11-3.11.2-2.el8.2 (AXSA:2023-6479:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6479:04 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : python3.11-3.11.11-2.el9_6.2 (AXSA:2025-10821:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10821:09 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : python3.11-3.11.2-2.el9.2 (AXSA:2023-6478:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6478:03 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : python3.9-3.9.21-1.el9_5 (AXSA:2024-9439:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9439:09 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Improper validation of IPv6 and IPvFuture addresses...

MiracleLinux 8 : python3-3.6.8-41.el8.ML.1 (AXSA:2021-2751:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2751:06 advisory. python: Information disclosure via pydoc CVE-2021-3426 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

[SECURITY] Fedora 42 Update: python3.12-3.12.12-2.fc42

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

MiracleLinux 4 : python33-python-3.3.2-18.AXS4 (AXSA:2016-628:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-628:01 advisory. Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details,...

CLSA-2026-1768480470 python3.11: Fix of CVE-2025-13836

CVE-2025-13836: fixed memory exhaustion vulnerability when reading HTTP responses with malicious Content-Length headers...

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2026-1078)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to...

CLSA-2026-1768412660 python3.11: Fix of CVE-2025-13836

CVE-2025-13836: fixed memory exhaustion vulnerability when reading HTTP responses with malicious Content-Length headers...