73 matches found
Low: python3
Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...
Low: python-ipaddress
Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...
Low: python3
Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...
Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2025-829)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-829 advisory. Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot...
BIT-PYTHON-MIN-2024-4032 Incorrect IPv4 and IPv6 private ranges
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8.1.6)
The version of AOS installed on the remote host is prior to 6.8.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8.1.6 advisory. - An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSiz...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.0.5)
The version of AOS installed on the remote host is prior to 6.10.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.0.5 advisory. - An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for...
Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2024-790)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-790 advisory. Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-2971)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A defect was discovered in the Python ssl module where there is a memory race condition with the ssl.SSLContext methods certstorestats and...
SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2024:4151-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4151-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...
EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-2985)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A defect was discovered in the Python ssl module where there is a memory race condition with the ssl.SSLContext methods certstorestats and...
SUSE-SU-2024:4165-1 Security update for python
This update for python fixes the following issues: - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from https://github.com/phihag/ipaddress - Remove -IVendor/ from python-config bsc1231795 - Stop using %%defattr, it seems ...
Security update for python
This update for python fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from https://github.com/phihag/ipaddress - Remove -IVendor/ from python-config bsc1231795 - Stop using %%defattr, it seems...
Security update for python
This update for python fixes the following issues: CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from https://github.com/phihag/ipaddress - Remove -IVendor/ from python-config bsc1231795 - Stop using %%defattr, it seems...
SUSE-SU-2024:4151-1 Security update for python
This update for python fixes the following issues: - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from https://github.com/phihag/ipaddress - Remove -IVendor/ from python-config bsc1231795 - Stop using %%defattr, it seems ...
python: incorrect IPv4 and IPv6 private ranges
A flaw was found in Python. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. Due to this issue, it is possible that values will not be returned in accordance with the latest information from th...
CLSA-2024-1728403634 python3: Fix of CVE-2024-4032
CVE-2024-4032: update ipaddress module to reflect latest IANA Special-Purpose Address Registries...
CBL Mariner 2.0 Security Update: python3 (CVE-2024-4032)
The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4032 advisory. - The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were...
Updated python3 packages fix security vulnerabilities
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
python: incorrect IPv4 and IPv6 private ranges
A flaw was found in Python. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. Due to this issue, it is possible that values will not be returned in accordance with the latest information from th...