MiracleLinux 7 : rh-python38 (AXSA:2021-2383:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2383:01 advisory. python-cryptography: Bleichenbacher timing oracle attack against RSA decryption CVE-2020-25659 python: Unsafe use of eval on data retrieved via HTTP...

Medium: python38-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python38-pip Note: This advisory is applicable to Amazon Linux 2 - Python3.8 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and th...

The vulnerability of the python38._pth file of the Python interpreter lies in its ability to ignore the restrictions specified in the python38._pth file within sys.path. This allows a malicious actor to execute arbitrary code.

The vulnerability of the python38.pth file of the Python interpreter involves ignoring the restrictions specified in the python38.pth file within sys.path. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Medium: python38

Issue Overview: The CryptProtectMemory function in cng.sys aka the Cryptography Next Generation driver in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, an...

Important: python38

Issue Overview: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. CVE-2022-37454 Affected...