678 matches found
SUSE-SU-2026:1028-1 Security update for salt
This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...
SUSE-SU-2026:1027-1 Security update for salt
This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...
SUSE-SU-2026:1012-1 Security update 5.0.7 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...
The vulnerability of the command-line tool for working with Wheel files is related to incorrect path name restrictions, which allows attackers to escalate their privileges or execute arbitrary code.
The vulnerability of the command-line tool for working with Wheel files is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability can allow an attacker to increase their privileges or execute arbitrary code...
OPENSUSE-SU-2026:20412-1 Security update for salt
This update for salt fixes the following issues: Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fixed HTTP header parameter parsing algorithm...
Security Bulletin: Vulnerabilities in wheel affects IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerability in wheel has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a...
Fedora 44 : python3.6 (2026-cb86172c17)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cb86172c17 advisory. Rebuilt for improvements of %pythonwheelinjectsbom in python-rpm-macros-3.14-11. ---- Security fix for CVE-2025-12084 Tenable has extracted the preceding...
skia-python vendors vulnerable libfreetype because of pinned cibuildwheel version
Impact The Linux wheels for skia-python vendor a vulnerable version of libfreetype that is affected by CVE-2025-27363 1. The root cause is a chain of unfortunate events: 1. skia-python builds wheels using pinned pypa/[email protected] 2 2. cibuildwheel 2.21.3 in turn pins manylinux container...
ROS-20260310-73-0035
Vulnerability in python-wheel related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...
wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
TencentOS Server 4: python-wheel (TSSA-2026:0103)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0103 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: python-pip (TSSA-2026:0096)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0096 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
OESA-2026-1448 python-pip security update
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...
OESA-2026-1447 python-pip security update
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...
OESA-2026-1446 python-pip security update
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...
OESA-2026-1444 python-pip security update
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...
OESA-2026-1443 python-pip security update
pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.53.0-py3-none-any.whl which is vulnerable to multiple CVEs.
Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.53.0-py3-none-any.whl which is vulnerable to CVE-2025-14920, CVE-2025-14921, CVE-2025-14926, CVE-2025-14927, CVE-2025-14924, CVE-2025-14928, CVE-2025-14929, CVE-2025-14930. This bulletin contains information addressing t...