Fedora 37 : pypy3.9 (2023-af5206f71d)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-af5206f71d advisory. Update to 7.3.11. See https://doc.pypy.org/en/latest/release-v7.3.11.html Security fix for CVE-2022-37454, CVE-2022-45061, CVE-2022-42919. Tenable h...

EulerOS Virtualization 2.11.0 : python3 (EulerOS-SA-2024-1434)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It...

Rocky Linux 9 : python3.9 (RLSA-2022:8493)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8493 advisory. - Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non- default configuration. The Python multiprocessing...

AlmaLinux 8 : python27:2.7 (ALSA-2023:5994)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5994 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus h...

CentOS 8 : python39:3.9 and python39-devel:3.9 (CESA-2023:5998)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:5998 advisory. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HT...

Amazon Linux 2022 : python3.10, python3.10-devel, python3.10-idle (ALAS2022-2023-274)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-274 advisory. Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non- default configuration. The Python multiprocessing library, when used with the forkserver...

Amazon Linux 2022 : python3, python3-devel, python3-idle (ALAS2022-2023-273)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2023-273 advisory. Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non- default configuration. The Python multiprocessing library, when used with the forkserver...

Fedora 35 : python3.9 (2022-1166a1df1e)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-1166a1df1e advisory. Security fix for CVE-2022-42919 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Fedora 35 : python3.11 (2022-a04a020e48)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-a04a020e48 advisory. The final release of Python 3.11.0. Contains security fix for CVE-2022-42919. Tenable has extracted the preceding description block directly from th...

AlmaLinux 9 : python3.9 (ALSA-2022:8493)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:8493 advisory. - Python 3.9.x and 3.10.x through 3.10.8 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used...

AlmaLinux 8 : python39:3.9 (ALSA-2022:8492)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:8492 advisory. python: local privilege escalation via the multiprocessing forkserver start method CVE-2022-42919 Tenable has extracted the preceding description block directly fr...

Python Privilege Escalation Vulnerability (Sep 2022) - Linux

Python is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

PSF-2022-9 Linux specific local privilege escalation via the multiprocessing forkserver start method

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...