OESA-2026-1460 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

CPython 安全漏洞

CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from the default use of Content-Length when reads are not specified, which could lead to a malicious server causing a client to read a large amount of data into memor...

TencentOS Server 3: python3.12 (TSSA-2024:0799)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0799 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2017-1443

Malware in sbrugna...

EUVD-2021-10423

Malware in sbrugna...

EUVD-2024-16245

Malicious code in bioql PyPI...

EUVD-2024-48018

Malicious code in bioql PyPI...

AlmaLinux 9 : python3.11 (ALSA-2025:15010)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15010 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the AlmaLinux security...

RHEL 8 : python3 (RHSA-2025:16151)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16151 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

Moderate: Red Hat Security Advisory: python39:3.9 security update

An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2025-8194

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

BIT-PYTHON-2025-4516 Use-after-free in "unicode_escape" decoder with error handler

There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in ...

CVE-2025-4435

A flaw was found in CPython's tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms. Mitigation Mitigation for this issue is either not available or the currently available options do not...

CPython 安全漏洞

CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from a filter member not being skipped and still being extracted when TarFile.errorlevel = 0...

cpython -- Use-after-free in "unicode_escape" decoder with error handler

[email protected] reports: There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap t...

PT-2025-21282

Name of the Vulnerable Software and Affected Versions: CPython affected versions not specified Description: The issue arises when using bytes.decode with the "unicode escape" encoding and an error handler set to "ignore" or "replace". Users not utilizing this specific encoding or error handler ar...

Security Bulletin: There is a vulnerability in CPython used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-7592,CVE-2024-6232,CVE-2024-8775)

Summary There is a vulnerability in CPython used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-7592 DESCRIPTION: There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing...

Security Bulletin: Vulnerability in Python CPython affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Python CPython has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

Security Bulletin: Vulnerability in Python CPython affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.

Summary Potential vulnerability in Python CPython has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.. The vulnerability have been addressed. Refer to details for additional information...