EulerOS 2.0 SP10 : python3 (EulerOS-SA-2024-2892)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is...

Huawei EulerOS: Security Advisory for python-zipp (EulerOS-SA-2024-2593)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : python-zipp (EulerOS-SA-2024-2593)

According to the versions of the python-zipp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggere...

EulerOS 2.0 SP11 : python-zipp (EulerOS-SA-2024-2567)

According to the versions of the python-zipp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggere...

CBL Mariner 2.0 Security Update: python3 / tensorflow (CVE-2024-8088)

The version of python3 / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8088 advisory. - There is a HIGH severity vulnerability affecting the CPython zipfile module affecting...

python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

A flaw was found in Python's zipfile module. When iterating over the entries of a zip archive, the process can enter into an infinite loop state and become unresponsive. This flaw allows an attacker to craft a malicious ZIP archive, leading to a denial of service from the application consuming th...

python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

A flaw was found in Python's zipfile module. When iterating over the entries of a zip archive, the process can enter into an infinite loop state and become unresponsive. This flaw allows an attacker to craft a malicious ZIP archive, leading to a denial of service from the application consuming th...

The vulnerability of the zipfile module in the Python programming language allows a hacker to trigger a service failure.

The vulnerability of the zipfile module in the Python programming language is related to a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause service failures...

python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

A flaw was found in Python's zipfile module. When iterating over the entries of a zip archive, the process can enter into an infinite loop state and become unresponsive. This flaw allows an attacker to craft a malicious ZIP archive, leading to a denial of service from the application consuming th...

CentOS 9 : python3.9-3.9.19-8.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python3.9-3.9.19-8.el9 build changelog. - There is a HIGH severity vulnerability affecting the CPython zipfile module affecting zipfile.Path. Note that the more common API zipfile.ZipFi...

Debian dsa-5759 : idle-python3.11 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5759 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5759-1 [email protected] https://www.debian.org/securit...

CVE-2024-8088

A flaw was found in Python's zipfile module. When iterating over the entries of a zip archive, the process can enter into an infinite loop state and become unresponsive. This flaw allows an attacker to craft a malicious ZIP archive, leading to a denial of service from the application consuming th...

AZL-48141 CVE-2024-8088 affecting package tensorflow for versions less than 2.16.1-7

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

CVE-2024-8088

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

CVE-2024-8088

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

CVE-2024-8088

There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive for example, methods of "zipfile.Path" like "namelist", "iterdir", etc...

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python that stems from a potential infinite loop due to a maliciously crafted z...

CLSA-2024-1723482251 python2: Fix of CVE-2024-0450

CVE-2024-0450: add detection of "quoted-overlap" zip-bombs in zipfile module...

OESA-2024-1890 python-zipp security update

A pathlib-compatible Zipfile object wrapper. A backport of the Path object. Security Fixes: A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an...

OESA-2024-1887 python-zipp security update

A pathlib-compatible Zipfile object wrapper. A backport of the Path object. Security Fixes: A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an...