663 matches found

Tenable Nessus
added 2024/05/01 12:0 a.m., 39 views

SUSE SLES15 Security Update : python311 (SUSE-SU-2024:0782-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0782-2 advisory. - xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...

CVSS 9.8, AI score 7.1, EPSS 0.33936
Exploits: 1, References: 10

Tenable Nessus
added 2024/04/29 12:0 a.m., 46 views

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2024-605)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-605 advisory. An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to quoted-overlap zip-bombs which exploit the...

CVSS 6.2, AI score 7, EPSS 0.00333
Exploits: 0, References: 4

RedhatCVE
added 2024/04/22 9:4 p.m., 27 views

CVE-2024-0450

A flaw was found in the Python/CPython 'zipfile' that can allow a zip-bomb type of attack. An attacker may craft a zip file format, leading to a Denial of Service when processed. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat...

CVSS 6.2, AI score 6.9, EPSS 0.00333
Exploits: 0, References: 3

Amazon
added 2024/04/18 12:0 a.m., 32 views

Medium: python3

Issue Overview: An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to "quoted-overlap" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed...

CVSS 6.2, AI score 7.3, EPSS 0.00333
Exploits: 0

Tenable Nessus
added 2024/04/18 12:0 a.m., 59 views

Amazon Linux 2 : python3 (ALAS-2024-2515)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2515 advisory. An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The...

CVSS 6.2, AI score 7.1, EPSS 0.00333
Exploits: 0, References: 4

Tenable Nessus
added 2024/04/17 12:0 a.m., 38 views

Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2024-588)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-588 advisory. An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to quoted-overlap zip-bombs which exploit the...

CVSS 6.2, AI score 7, EPSS 0.00333
Exploits: 0, References: 4

Tenable Nessus
added 2024/04/09 12:0 a.m., 27 views

SUSE SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2024:1162-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1162-1 advisory. - libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in...

CVSS 7.8, AI score 7.2, EPSS 0.01815
Exploits: 1, References: 12

Mageia
added 2024/03/28 3:52 a.m., 64 views

Updated python3, python packages fix security vulnerabilities

The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. CVE-2023-6597 The zipfile module is...

CVSS 7.8, AI score 6.6, EPSS 0.00333
Exploits: 0, References: 3

Tenable Nessus
added 2024/03/28 12:0 a.m., 33 views

SUSE SLES15 / openSUSE 15 Security Update : python39 (SUSE-SU-2024:1009-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1009-1 advisory. - libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in...

CVSS 7.8, AI score 7.2, EPSS 0.01815
Exploits: 1, References: 11

Tenable Nessus
added 2024/03/24 12:0 a.m., 32 views

Debian dla-3771 : idle-python2.7 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3771 advisory. - Debian LTS Advisory DLA-3771-1 https://www.debian.org/lts/security/...

CVSS 6.2, AI score 7.1, EPSS 0.00333
Exploits: 0, References: 4

Tenable Nessus
added 2024/03/24 12:0 a.m., 39 views

Debian dla-3772 : idle-python3.7 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3772 advisory. - Debian LTS Advisory DLA-3772-1...

CVSS 7.8, AI score 7, EPSS 0.00333
Exploits: 0, References: 6

Tenable Nessus
added 2024/03/20 12:0 a.m., 39 views

Slackware Linux 15.0 / current python3 Multiple Vulnerabilities (SSA:2024-080-01)

The version of python3 installed on the remote host is prior to 3.9.19. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-080-01 advisory. - libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the...

CVSS 7.8, AI score 7.2, EPSS 0.01815
Exploits: 1, References: 4

OSV
added 2024/03/19 4:15 p.m., 3 views

AZL-42573 CVE-2024-0450 affecting package python3 for versions less than 3.12.3-1

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

CVSS 6.2, AI score 6.7, EPSS 0.00333
Exploits: 0, References: 1

NVD
added 2024/03/19 4:15 p.m., 22 views

CVE-2024-0450

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

CVSS 6.2, AI score 6.4, EPSS 0.00333
Exploits: 0, References: 18

OSV
added 2024/03/19 4:15 p.m., 29 views

CVE-2024-0450

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

CVSS 6.2, AI score 6
Exploits: 0, References: 18

NVD
added 2024/03/19 4:15 p.m., 30 views

CVE-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

CVSS 7.8, AI score 7.4, EPSS 0.0031
Exploits: 0, References: 14

OSV
added 2024/03/19 4:15 p.m., 5 views

AZL-35949 CVE-2023-6597 affecting package python3 for versions less than 3.9.19-1

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

CVSS 7.8, AI score 6.7, EPSS 0.0031
Exploits: 0, References: 1

OSV
added 2024/03/19 4:15 p.m., 47 views

CVE-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

CVSS 7.8, AI score 6.3
Exploits: 0, References: 14

UbuntuCve
added 2024/03/19 4:15 p.m., 28 views

CVE-2024-0450

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

CVSS 6.2, AI score 6.8, EPSS 0.00333
Exploits: 0, References: 5

UbuntuCve
added 2024/03/19 4:15 p.m., 281 views

CVE-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

CVSS 7.8, AI score 6.8, EPSS 0.0031
Exploits: 0, References: 5