MiracleLinux 7 : rh-python38 (AXSA:2021-2383:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2383:01 advisory. python-cryptography: Bleichenbacher timing oracle attack against RSA decryption CVE-2020-25659 python: Unsafe use of eval on data retrieved via HTTP...

Medium: python38-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python38-pip Note: This advisory is applicable to Amazon Linux 2 - Python3.8 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and th...

Important: python38

Issue Overview: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. CVE-2022-37454 Affected...

Medium: python38

Issue Overview: The CryptProtectMemory function in cng.sys aka the Cryptography Next Generation driver in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, an...