64 matches found
CVE-2025-71261
The CVE-2025-71261 issue affects the SUSE Virtualization (Harvester) Rancher integration registration client, specifically the cluster-registration-url path. The root cause is an insecure TLS setup that fails to verify the remote server’s certificate, enabling MITM between SUSE Virtualization and...
OpenVPN OpenSource 安全漏洞
OpenVPN OpenSource is a virtual private network communication software developed by OpenVPN Inc., based on the SSL/TLS protocol. OpenVPN OpenSource has a security vulnerability; this vulnerability stems from bypassing access restrictions through the TLS handshake, potentially leading to the readi...
RLSA-2023:5998 Important: python39:3.9 and python39-devel:3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
python27:2.7 security update
An update is available for python-mock, module.python-sqlalchemy, python-backports-sslmatchhostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python2-six, module.python-funcsigs, module.python-pygments,...
MiracleLinux 8 : python27:2.7 (AXSA:2023-6555:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6555:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
MiracleLinux 7 : python-2.7.5-94.0.1.el7.AXS7 (AXSA:2023-6577:43)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6577:43 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
MiracleLinux 8 : python3-3.6.8-51.el8.2.ML.1 (AXSA:2023-6551:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6551:06 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
MiracleLinux 8 : python3.11-3.11.2-2.el8.2 (AXSA:2023-6479:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6479:04 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2023-6552:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6552:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
ABB M2M Gateway TLS Handshake bypass in embedded Python (CVE-2023-40217)
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...
USN-7180-1: Python vulnerabilities
It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2022-48560 It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this...
Ubuntu 20.04 LTS / 22.04 LTS : Python vulnerabilities (USN-7180-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7180-1 advisory. It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cau...
CLSA-2024-1717692229 python3: Fix of 3 CVEs
Remove -b option, use original maintainer approach - Fix expat regression tests for xmletree - CVE-2022-48564: Improve validation of Plist files that prevent DoS - CVE-2023-40217: Fix TLS handshake bypass - CVE-2023-27043: reject malformed addresses in email.parseaddr...
RHEL 8 : python27:2.7 (RHSA-2023:5990)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5990 advisory. Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types...
CentOS: Security Advisory for python (CESA-2023:6885)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for python3 (CESA-2023:6823)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for python39 (SUSE-SU-2023:3708-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for python311 (SUSE-SU-2023:3943-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for python (SUSE-SU-2023:3933-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python, tkinter security update
CentOS Errata and Security Advisory CESA-2023:6885 An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...