69 matches found
Siemens SIMATIC S7-1500 Improper Limitation of a Pathname to a Restricted Directory (CVE-2019-9948)
urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call. This plugin only works with Tenable.ot. Please...
Linux Distros Unpatched Vulnerability : CVE-2019-9948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist...
Photon OS 2.0: Python2 PHSA-2019-2.0-0146
An update of the python2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0146. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Ubuntu: Security Advisory (USN-6891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 / 7 : rh-python36-python (RHSA-2019:3725)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3725 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high leve...
RHEL 6 / 7 : python27-python (RHSA-2019:1700)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1700 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high leve...
K28622040: Python vulnerability CVE-2019-9948
Security Advisory Description urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call. CVE-2019-9948 Impac...
SUSE CVE-2019-9948
urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen'localfile:///etc/passwd' call...
F5 Networks BIG-IP : Python vulnerability (K28622040)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.4.1 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K28622040 advisory. - urllib in Python 2.x through 2.7.16 supports the localfile: scheme, which makes it...
Mageia: Security Advisory (MGASA-2019-0165)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2019-0318)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Python 2.x < 2.7.17, 3.5.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 Protection Bypass Vulnerability (bpo-35907) - Windows
Python is prone to a protection bypass vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescripti...
SUSE: Security Advisory (SUSE-SU-2019:14018-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0972-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1439-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: [All] Python (Publicly disclosed vulnerability)
Summary Vulnerabilities in Open Source Python affect IBM Tivoli Application Dependency Discovery Manager. Vulnerability Details CVEID: CVE-2019-9948 DESCRIPTION: Python could allow a remote attacker to bypass security restrictions, caused by improper input validation by the urllib. By sending a...
Debian DLA-2337-1 : python2.7 security update
Multiple vulnerabilities were discovered in Python2.7, an interactive high-level object-oriented language. CVE-2018-20852 By using a malicious server an attacker might steal cookies that are meant for other domains. CVE-2019-5010 NULL pointer dereference using a specially crafted X509 certificate...
[SECURITY] [DLA 2337-1] python2.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2337-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 22, 2020 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 2280-1] python3.5 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2280-1 [email protected] https://www.debian.org/lts/security/ July 15, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package :...
RHEL 7 : python (RHSA-2020:1462)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1462 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...