119 matches found
pip security vulnerability
pip is a Python package installer developed by the Python Packaging Authority. Versions of pip prior to 26.1 contained security vulnerabilities. These vulnerabilities stemmed from the self-update check feature, which ran after the installation of wheel files, potentially leading to the import of...
python27:2.7 security update
An update is available for python-mock, module.python-sqlalchemy, python-backports-ssl_match_hostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python2-six, module.python-funcsigs, module.python-pygments,...
python39:3.9 and python39-devel:3.9 security update
An update is available for module.mod_wsgi, module.python-psutil, python-packaging, module.Cython, module.python-iniconfig, module.python-wcwidth, module.python-ply, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy, module.python-attrs...
python38:3.8 and python38-devel:3.8 security update
An update is available for module.mod_wsgi, module.python-psutil, python-packaging, module.Cython, module.python3x-setuptools, module.python-wcwidth, module.python-ply, python-psycopg2, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy,...
TencentOS Server 3: python39:3.9 and python39-devel:3.9 (TSSA-2024:0768)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0768 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
OPENSUSE-SU-2025:20074-1 Security update for certbot
This update for certbot fixes the following issues: This update adds the certbot stack. python modules: ConfigArgParse, acme, certbot, certbot-nginx, josepy, pyRFC3339...
EUVD-2008-3133
Malware in sbrugna...
EUVD-2008-4375
Malware in sbrugna...
EUVD-2022-0040
Malicious code in bioql PyPI...
python36:3.6 security update
An update is available for module.python-virtualenv, python-virtualenv, python-distro, module.scipy, module.python-nose, module.python-wheel, module.python36, module.python-docutils, module.python-pygments, module.python-PyMySQL, python36, python-docs, python-pygments, scipy, python-PyMySQL,...
python36:3.6 bug fix and enhancement update
An update is available for module.python-sqlalchemy, module.python36, module.python-wheel, python-virtualenv, python-PyMySQL, python-wheel, python-distro, python-docutils, module.python-nose, python-docs, python36, module.scipy, scipy, module.python-docutils, python-pymongo, module.python-pygment...
PYSEC-2025-122
The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, ...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : clamav (SUSE-SU-2025:0327-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0327-1 advisory. New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the...
RHEL 5 : gedit (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gedit: untrusted python modules search path CVE-2009-0314 - gedit: CPU consumption via crafted file...
RHEL 5 : xchat (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xchat: untrusted python modules search path CVE-2009-0315 - xchat/hexchat: does not verify the server...
RHEL 6 : xchat (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xchat: untrusted python modules search path CVE-2009-0315 - xchat/hexchat: does not verify the server...
python39 bug fix update
An update is available for python-pluggy, module.python-iniconfig, module.python-psycopg2, module.python-more-itertools, module.python3x-pip, module.python-ply, python-requests, python-psutil, numpy, module.python-psutil, module.python-pycparser, module.python-cffi, pytest, module.python39,...
DL1 bug fix update
An update is available for python-jwcrypto, python-qrcode, module.python-yubico, python-yubico, module.opendnssec, module.pyusb, python-kdcproxy, softhsm, pyusb, custodia, module.custodia, module.python-kdcproxy, bind-dyndb-ldap, opendnssec, module.python-jwcrypto, module.softhsm,...
SUSE CVE-2014-0472
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."...
SUSE CVE-2019-7653
The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts...