GHSA-QCCP-GFCP-XXVC vulnerabilities

Vulnerabilities for packages: semgrep, kubeflow-pipelines-visualization-server, kubeflow-pipelines, airflow, kubeflow-volumes-web-app, awx, prefect-fips, metaflow-service, dbt-core, datahub-ingestion, gitlab-cng, py3.9-pip, azureml-inference-server-http-fips, spamcheck, synapse, label-studio,...

SUSE: Security Advisory (SUSE-SU-2026:1296-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for python39

This update for python39 fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. CVE-2026-3644: incomplete control character validation in http.cookies can lead to input...

Fedora 45 : python3.9 (2026-1fb0e26534)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1fb0e26534 advisory. Automatic update for python3.9-3.9.25-7.fc45. Changelog Thu Mar 26 2026 Lumr Balhar - 3.9.25-7 - Security fix for CVE-2026-4519 rhbz2449735 Tenable has...

Security update for python39

This update for python39 fixes the following issues: CVE-2025-11468: Fixed a header injection when folding a long comment in an email header containing exclusively unfoldable characters. bsc1257029 CVE-2026-0672: Fixed a HTTP header injection via user-controlled cookie values and parameters when...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-3597:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3597:01 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Tenable has extracted the preceding description block direct...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8498:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8498:01 advisory. python39:3.9/python39: python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python39:3.9/python39: python: The zipfile module is...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2023-6216:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6216:01 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8745:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8745:01 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 pypa/setuptools: Remote code execution via download functions in the packageindex modul...

MiracleLinux 8 : python39:3.9 (AXSA:2025-10818:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10818:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 cpython: Cpython infinite loop when parsing a tarfile...

Security update for python39

This update for python39 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested documents bsc1254997. CVE-2025-13836: use of...

openSUSE Security Advisory (SUSE-SU-2025:4221-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:4221-1 Security update for python39

This update for python39 fixes the following issues: Updated to 3.9.24: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305...

RHSA-2025:16118 Red Hat Security Advisory: python39:3.9 security update

Bulletin has no description...

RHSA-2025:15411 Red Hat Security Advisory: python39:3.9 security update

Bulletin has no description...

RHSA-2025:15410 Red Hat Security Advisory: python39:3.9 security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: python39:3.9 security update

An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated...

Moderate: Red Hat Security Advisory: python39:3.9 security update

An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A...

Security update for python39

This update for python39 fixes the following issues: CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...

Security update for python39

This update for python39 fixes the following issues: CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. bsc1236705 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...