
356 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m. | 7 views

MiracleLinux 9 : python3.9-3.9.18-1.el9 (AXSA:2023-6804:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6804:05 advisory. python: tarfile module directory traversal (CVE-2007-4559). Tenable has extracted the preceding description block directly from the MiracleLinux security...

9.8 CVSS | 7.7 AI score | 0.27095 EPSS
Exploits: 3 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 6 views

MiracleLinux 8 : python3.11-3.11.9-7.el8_10 (AXSA:2024-8834:23)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8834:23 advisory. python: incorrect IPv4 and IPv6 private ranges (CVE-2024-4032); cpython: python: email module doesn't properly quotes newlines in email headers, allowi...

8.7 CVSS | 7.3 AI score | 0.01275 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2026/01/20 12:0 a.m. | 3 views

MiracleLinux 9 : python3.11-3.11.9-7.el9.1 (AXSA:2024-9350:29)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9350:29 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values (CVE-2024-6232). Tenable has extracted the preceding description block...

7.5 CVSS | 7 AI score | 0.02203 EPSS
Exploits: 2 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 8 : python3.11-3.11.9-1.el8_10 (AXSA:2024-8471:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8471:15 advisory. python: Path traversal on tempfile.TemporaryDirectory (CVE-2023-6597); python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

7.8 CVSS | 7.2 AI score | 0.00333 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 4 : rh-python34-python-3.4.2-14.AXS4 (AXSA:2016-651:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-651:01 advisory. Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially ho...

6.1 CVSS | 7.1 AI score | 0.04563 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

MiracleLinux 7 : python-2.7.5-86.0.1.el7.AXS7 (AXSA:2019-4284:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4284:05 advisory. python: Missing salt initialization in elementtree.c module (CVE-2018-14647); python: NULL pointer dereference using a specially crafted X509 certifica...

9.1 CVSS | 7.2 AI score | 0.20743 EPSS
Exploits: 4 | References: 6

Tenable Nessus
added 2026/01/13 12:0 a.m. | 4 views

MiracleLinux 9 : python3.9-3.9.21-2.el9_6.1 (AXSA:2025-10620:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10620:02 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435); cpython: Bypass extraction filter to modify file metadata outside...

9.4 CVSS | 6.7 AI score | 0.01184 EPSS
Exploits: 14 | References: 6

Tenable Nessus
added 2026/01/13 12:0 a.m. | 3 views

RHEL 10 : python3.12 (RHSA-2026:0353)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0353 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

4.3 CVSS | 6.9 AI score | 0.00345 EPSS
Exploits: 0 | References: 5

CBLMariner
added 2026/01/12 9:27 p.m. | 3 views

CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7

CVE-2025-12084 affecting package python3 for versions less than 3.12.9-7. A patched version of the package is available...

6.3 CVSS | 6.9 AI score | 0.00696 EPSS
Exploits: 0

RedhatCVE
added 2026/01/09 10:40 a.m. | 6 views

CVE-2022-35861

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. Shims are executables that pass a command along to a specific versio...

7.8 CVSS | 7.2 AI score | 0.00278 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:33 a.m. | 9 views

CVE-2024-39205

An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request...

9.8 CVSS | 7.6 AI score | 0.16513 EPSS
Exploits: 4 | References: 1

Tenable Nessus
added 2026/01/08 12:0 a.m. | 1 views

Photon OS 5.0: Python3 PHSA-2026-5.0-0729

An update of the python3 package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0729. The text itself is copyright (C) VMware, Inc...

7.5 CVSS | 7.2 AI score | 0.01468 EPSS
Exploits: 0 | References: 2

Rockylinux
added 2026/01/07 9:2 a.m. | 3 views

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Python is an interpreted, interactive, object-oriented programming languag...

6.3 CVSS | 8.1 AI score | 0.00696 EPSS
Exploits: 0

Tenable Nessus
added 2026/01/07 12:0 a.m. | 4 views

Oracle Linux 8 : python3.12 (ELSA-2026-0123)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0123 advisory. 3.12.12-1 - Update to 3.12.12 - Security fix for CVE-2025-8291 and CVE-2025-12084 Resolves: RHEL-128364, RHEL-135391 Tenable has extracted the precedin...

6.3 CVSS | 7 AI score | 0.00696 EPSS
Exploits: 0 | References: 3

NVD
added 2026/01/06 3:15 p.m. | 2 views

CVE-2025-14026

Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...

7.8 CVSS | 0.00178 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2026/01/06 2:45 p.m. | 2 views

CVE-2025-14026 Vulnerable Python version used in Forcepoint One DLP Client

Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...

7.2 AI score | 0.00178 EPSS
Exploits: 0 | References: 2

CVE
added 2026/01/06 2:45 p.m. | 11 views

CVE-2025-14026

Summary (CVE-2025-14026): Forcepoint One DLP Client (version 23.04.5642 and potentially newer) ships with a restricted Python 2.5.4 runtime that blocks ctypes (FFI). The restriction was shown to be bypassable by reintroducing ctypes support, enabling potential arbitrary code execution via DLLs/me...

7.8 CVSS | 7.2 AI score | 0.00178 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2026/01/06 2:45 p.m. | 24 views

CVE-2025-14026 Vulnerable Python version used in Forcepoint One DLP Client

Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface (FFI) for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...

0.00178 EPSS
Exploits: 0 | References: 2

Positive Technologies
added 2026/01/06 12:0 a.m. | 5 views

PT-2026-1435

Name of the Vulnerable Software and Affected Versions: Forcepoint One DLP Client versions 23.04.5642 and later. Description: The Forcepoint One DLP Client includes a restricted version of Python 2.5.4 that limits the use of the ctypes library. The ctypes library is a foreign function interface (FFI) f...

7.8 CVSS | 7.2 AI score | 0.00178 EPSS
Exploits: 0 | References: 11

OSV
added 2026/01/06 12:0 a.m. | 0 views

OPENSUSE-SU-2026:10011-1 python314-3.14.2-1.1 on GA media

These are all security issues fixed in the python314-3.14.2-1.1 package on the GA media of openSUSE Tumbleweed...

7.5 CVSS | 5.8 AI score | 0.01468 EPSS
Exploits: 0 | References: 3