MiracleLinux 7 : python-2.7.5-69.0.1.el7.AXS7 (AXSA:2018-3246:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3246:03 advisory. A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the- middle attacker could use this flaw to recover some...

EUVD-2024-16193

Malicious code in bioql PyPI...

Security update for python-requests

This update for python-requests fixes the following issues: Add patch to inject the default CA bundles if they are not specified. bsc1226321, bsc1231500 Remove Requires on python-py. update to 2.32.3: Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. Fixe...

Linux Distros Unpatched Vulnerability : CVE-2024-0397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A defect was discovered in the Python ssl module where there is a memory race condition with the ssl.SSLContext methods certstorestats and getcacerts. The race...

BIT-PYTHON-MIN-2024-0397 Memory race condition in ssl.SSLContext certificate store methods

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-2971)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A defect was discovered in the Python ssl module where there is a memory race condition with the ssl.SSLContext methods certstorestats and...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-2985)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A defect was discovered in the Python ssl module where there is a memory race condition with the ssl.SSLContext methods certstorestats and...

AZL-42784 CVE-2024-0397 affecting package python3 for versions less than 3.12.3-1

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...

Low: python-tornado

Issue Overview: A denial of service flaw was found in the way Python's SSL module implementation performed matching of certain certificate names. A remote attacker able to obtain a valid certificate that contained multiple wildcard characters could use this flaw to issue a request to validate suc...

RHEL 6 : cloud-init (RHSA-2015:0042)

Updated cloud-init packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Common for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes multiple security issues and one bug is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...