Fedora 43 : python3.9 (2026-975a15098b)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-975a15098b advisory. Security fix for CVE-2025-12084 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

SUSE SLES12 Security Update : python3 (SUSE-SU-2026:0210-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0210-1 advisory. Security fixes: - CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter='data'...

Fedora 42 : python3.9 (2026-43e2b1e209)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-43e2b1e209 advisory. Security fix for CVE-2025-12084 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1368)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1368 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server...

CLSA-2026-1769084959 python3.11: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

[SECURITY] Fedora 42 Update: mingw-python3-3.11.14-5.fc42

MinGW Windows python3...

Azure Linux 3.0 Security Update: python3 / tensorflow (CVE-2024-8088)

The version of python3 / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8088 advisory. - There is a HIGH severity vulnerability affecting the CPython zipfile module affecting...

CLSA-2026-1769020780 python3.9: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

AZL-75044 CVE-2026-0672 affecting package python3 for versions less than 3.9.19-18

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters...

CLSA-2026-1768911433 python3.11: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

MiracleLinux 8 : python3.11-3.11.2-2.el8.2 (AXSA:2023-6479:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6479:04 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2023-6552:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6552:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.6 (AXSA:2024-8947:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8947:06 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 9 : python3.11-3.11.2-2.el9.2 (AXSA:2023-6478:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6478:03 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python36:3.6 (AXSA:2024-9397:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9397:01 advisory. virtualenv: potential command injection via virtual environment activation scripts CVE-2024-53899 Tenable has extracted the preceding description block...

CentOS 9 : python3.9-3.9.25-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python3.9-3.9.25-3.el9 build changelog. - When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is...

MiracleLinux 9 : python3.9-3.9.21-1.el9_5 (AXSA:2024-9439:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9439:09 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Improper validation of IPv6 and IPvFuture addresses...

MiracleLinux 9 : python3.9-3.9.14-1.el9.2 (AXSA:2023-5191:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5191:01 advisory. Python: CPU denial of service via inefficient IDNA decoder CVE-2022-45061 Tenable has extracted the preceding description block directly from the MiracleLinu...

Debian dla-4445 : idle-python3.9 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4445 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4445-1 [email protected]...

MiracleLinux 9 : python3.11-3.11.11-2.el9_6.2 (AXSA:2025-10821:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10821:09 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...