21 matches found
EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2026-1194)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests...
MiracleLinux 8 : python-idna-2.5-7.el8_10 (AXSA:2024-8515:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8515:02 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description...
SUSE-SU-2025:3784-1 Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: - CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
Security update for afterburn
This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...
doge_dns (>=0.2.4-beta <=1.0.2), rev-up-your-harley (>=0.1.0 <=1.0.1) +3 more potentially affected by unknown CVE via unic-idna (>=0.5.0 <=0.9.0)
unic-idna CARGO version =0.5.0, =0.2.4-beta, =0.1.0, =0.1.0, =0.5.0, =0.7.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0085...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: CVE-2025-55159: slab: incorrect bounds check in get_disjoint_mut function can lead to undefined behavior or potential crash due to out-of-bounds access bsc1248006 CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...
SUSE SLES15 / openSUSE 15 Security Update : snpguest (SUSE-SU-2025:03445-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03445-1 advisory. - CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect...
Security update for snpguest
This update for snpguest fixes the following issues: CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect hostname comparisons and incorrect URL parsing bsc1243869. CVE-2025-3416: openssl: use-after-free in Md::fetch and Cipher::fetch...
NewStart CGSL MAIN 7.02 : python-idna Vulnerability (NS-SA-2025-0144)
The remote NewStart CGSL host, running version MAIN 7.02, has python-idna packages installed that are affected by a vulnerability: - A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises from the function's...
CVE-2024-12224 idna accepts Punycode labels that do not produce any non-ASCII when decoded
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to idna-0.1.5.crate, idna-0.5.0.crate CVE-2024-12224
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to idna-0.1.5.crate, idna-0.5.0.crate CVE-2024-12224. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-12224 DESCRIPTION: idna 0.5.0 and earlier accepts Punycode...
Advisory ROSA-SA-2025-2744
Software: python-idna 2.5 OS: ROSA Virtualization 3.0 packageevrstring: python-idna-2.5-7.0.2.rv30 CVE-ID: CVE-2024-3651 BDU-ID: 2024-04211 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the idna.encode function of the Internationalized Domain Names in Applications IDNA is associated with...
Azure Linux 3.0 Security Update: python-idna / python-pip / python3 / tensorflow (CVE-2024-3651)
The version of python-idna / python-pip / python3 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3651 advisory. - A vulnerability was identified in the kjd/idna library, specifically...
Security update for SUSE Manager Client Tools and Salt Bundle
This update for SUSE Manager Client Tools and Salt Bundle fixes the following issues: uyuni-tools: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent...
GLSA-202412-17 : idna: Denial of Service
The remote host is affected by the vulnerability described in GLSA-202412-17 idna: Denial of Service A vulnerability has been discovered in idna. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux...
`idna` accepts Punycode labels that do not produce any non-ASCII when decoded
idna 0.5.0 and earlier accepts Punycode labels that do not produce any non-ASCII output, which means that either ASCII labels or the empty root label can be masked such that they appear unequal without IDNA processing or when processed with a different implementation and equal when processed with...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
Medium: python38-pip
Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python38-pip Note: This advisory is applicable to Amazon Linux 2 - Python3.8 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and th...
Amazon Linux 2 : python-idna (ALAS-2024-2680)
The version of python-idna installed on the remote host is prior to 2.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2680 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extract...