Important Photon OS Security Update - PHSA-2026-5.0-0729

Updates of 'python3' packages of Photon OS have been released...

Photon OS 4.0: Python3 PHSA-2026-4.0-0938

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0938. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

RockyLinux 8 : python3.12 (RLSA-2026:0123)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0123 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 cpython: python: cpython: Quadratic algorit...

Photon OS 5.0: Python3 PHSA-2025-5.0-0595

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0595. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Python3 PHSA-2025-4.0-0853

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0853. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Medium: python3.9

Issue Overview: When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents. CVE-2025-12084 When loading a plist file, the plistlib module...

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Photon OS 5.0: Python3 PHSA-2026-5.0-0726

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0726. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ALSA-2026:0123 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2026:0027-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0027-1 advisory. - CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of...

Medium: python3

Issue Overview: When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents. CVE-2025-12084 When loading a plist file, the plistlib module...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service bsc1254997 CVE-2025-13836: Fixed default Content-Lenght read amount from HTTP response bsc1254400 CVE-2025-13837: Fixed plistlib module denial of...

Unity Linux 20.1070e Security Update: python3 (UTSA-2025-993334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993334 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can b...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2614)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2628)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unity Linux 20.1070e Security Update: python3 (UTSA-2025-993333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993333 advisory. When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues Tenable has...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992148)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992148 advisory. Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data. You are affected by this vulnerability if using the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992149 advisory. Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992150)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992150 advisory. Allows modifying some file metadata e.g. last modified with filter=dataor file permissions chmod with filter=tarof files outside the extraction directory. You are...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python3 (UTSA-2025-992143)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992143 advisory. If the value passed to os.path.expandvars is user-controlled a performance degradation is possible when expanding environment variables. Tenable has extracted the...