71 matches found
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2023-1513)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 9 : python3.9 (ELSA-2023-0953)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0953 advisory. 3.9.14-1.2 - Security fix for CVE-2022-45061 Resolves: rhbz2144072 Tenable has extracted the preceding description block directly from the Oracle Linux security...
AlmaLinux 8 : python3 (ALSA-2023:0833)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0833 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse a...
SUSE CVE-2022-45061
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2023-1368)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to...
Amazon Linux 2022 : python3.10, python3.10-devel, python3.10-idle (ALAS2022-2023-274)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-274 advisory. Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non- default configuration. The Python multiprocessing library, when used with the forkserver...
Important: python3
Issue Overview: An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2023-1109)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2023-1133)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA...
Fedora 35 : python3.8 (2022-e1ce71ff40)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-e1ce71ff40 advisory. Update to 3.8.16 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Fedora 36 : python3.8 (2022-6d51289820)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-6d51289820 advisory. Update 3.8.16 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issu...
Fedora 36 : mingw-python3 (2022-45d2cfdfa4)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-45d2cfdfa4 advisory. Backport patch for CVE-2022-45061. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 35 : python3.7 (2022-fdb2739feb)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-fdb2739feb advisory. Update to 3.7.16 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Fedora 35 : python3.9 (2022-6f4e6120d7)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-6f4e6120d7 advisory. Update to 3.9.16 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Fedora 35 : python3.11 (2022-e6d0495206)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-e6d0495206 advisory. Update to 3.11.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Python DoS Vulnerability (Oct 2022) - Linux
Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Denial Of Service (DoS)
python3 is vulnerable to denial of service DoS attacks. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service...
CVE-2022-45061
A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA RFC 3490 decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be...
OESA-2022-2102 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...
AZL-11439 CVE-2022-45061 affecting package python3 for versions less than 3.9.14-5
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...