RHEL 8 : python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python: Nested zip file Zip bomb vulnerability in Lib/zipfile.py CVE-2019-9674 - Modules/pickle.c in Pyth...

EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1516)

According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Python Software Foundation Python CPython version 2.7 contains a CWE-77: Improper Neutralization of Special Elements...

EulerOS 2.0 SP8 : python3 (EulerOS-SA-2020-1175)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service resource consumption via a ZIP bomb.CVE-2019-9674 -...

CVE-2019-9674

The CVE-2019-9674 entry affects Python’s Lib/zipfile.py up to Python 3.7.2. It enables remote attackers to cause a denial of service via a ZIP bomb, triggering resource consumption. The vulnerability originates from how zip files are processed in lib/zipfile.py, leading to potential exhaustion of...

CVE-2019-9674

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service resource consumption via a ZIP bomb...