SUSE CVE-2024-0450

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

Astra Linux - уязвимость в python2.7, python3.7, python3.11

A issue was discovered in the CPython zipfile module, affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, 3.8.18, and earlier versions. The zipfile module is vulnerable to “quoted-overlap” zip-bombs, which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versio...

Astra Linux - уязвимость в sqlite3

The ext/misc/zipfile.c file in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \0' characters in filenames, resulting in a memory-management error that can be detected using tools like valgrind...

Astra Linux - уязвимость в python3.11

There is a HIGH-severity vulnerability affecting the CPython “zipfile” module, specifically the “zipfile.Path” class. It should be noted that the more commonly used API “zipfile.ZipFile” class is not affected. When iterating over the names of entries in a zip archive for example, methods like...

PT-2026-33220

Name of the Vulnerable Software and Affected Versions gdown versions prior to 5.2.2 Description A Path Traversal issue exists within the extractall function in the gdown/extractall.py file. The software fails to sanitize or validate the filenames of members within ZIP or TAR archives during...

GHSA-4PH2-F6PF-79WV PraisonAI Has Arbitrary File Write (Zip Slip) in Templates Extraction

The PraisonAI templates installation feature is vulnerable to a "Zip Slip" Arbitrary File Write attack. When downloading and extracting template archives from external sources e.g., GitHub, the application uses Python's zipfile.extractall without verifying if the files within the archive resolve...

Security Bulletin: IBM Storage Ceph is vulnerable to Improper Validation of Specified Index, Position, or Offset in Input in zipfile (CVE-2025-8291)

Summary zipfile is used by IBM Storage Ceph. CVE-2025-8291 This bulletin identifies the steps to take to address the vulnerability in Ceph. Vulnerability Details CVEID:CVE-2025-8291 DESCRIPTION: The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator...

OESA-2026-1772 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1771 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1770 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

OESA-2026-1767 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sqlite3 (SUSE-SU-2026:1065-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1065-1 advisory. Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. -...

SUSE-SU-2026:1065-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database...

SQLite <= 3.51.1 Information Disclosure

The version of SQLite installed on the remote host is prior to 3.51.2. It is, therefore, affected by an information disclosure issue where the zipfileInflate function, responsible for decompressing ZIP file contents, fails to properly validate or sanitize data during the inflation process. When...

SUSE SLES12 Security Update : sqlite3 (SUSE-SU-2026:0955-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0955-1 advisory. Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose...

SUSE-SU-2026:20771-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to sqlite3 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Update to version 3.51.3: Fix the...

SUSE-SU-2026:0955-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug...

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to 3.51.3: CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Fix the WAL-reset database corruption bug:...

SUSE-SU-2026:20794-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to version 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension bsc1254670. - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation bsc1259619. Changelog: Update to version 3.51.3: Fix the...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1588)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...