SUSE SLES12 Security Update : python3 (SUSE-SU-2025:02802-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02802-1 advisory. - CVE-2025-6069: Fixed worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705 -...

SUSE-SU-2025:02787-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249...

Security update for python3

This update for python3 fixes the following issues: CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler bsc1243273. CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 CVE-2025-4138:...

[SECURITY] Fedora 42 Update: python3.13-3.13.6-1.fc42

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

Security Bulletin: Security vulnerabilities due to libxml2, python3, pam and glibc  packages shipped with IBM CICS TX Standard.

Summary Security vulnerabilities due to libxml2, python3, pam and glibc packages shipped with IBM CICS TX Standard. The package version has been updated. Vulnerability Details CVEID:CVE-2024-12718 DESCRIPTION: Allows modifying some file metadata e.g. last modified with filter="data" or file...

[SECURITY] Fedora 41 Update: mingw-python3-3.11.13-4.fc41

MinGW Windows python3...

[SECURITY] Fedora 42 Update: mingw-python3-3.11.13-4.fc42

MinGW Windows python3...

Fedora 42 : mingw-python3 (2025-2e992ddfa0)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2e992ddfa0 advisory. Backport fix for CVE-2025-8194. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Fedora: Security Advisory (FEDORA-2025-64abf2ff21)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : mingw-python3 (2025-64abf2ff21)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-64abf2ff21 advisory. Backport fix for CVE-2025-8194. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

BIT-LIBPYTHON-2024-12718 Bypass extraction filter to modify file metadata outside extraction directory

Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

BIT-LIBPYTHON-2023-41105

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath, the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python...

BIT-LIBPYTHON-2022-48560

A use-after-free exists in Python through 3.9 via heappushpop in heapq...

BIT-LIBPYTHON-2020-15801

In Python 3.8.4, sys.path restrictions specified in a python38.pth file are ignored, allowing code to be loaded from arbitrary locations. The .pth file e.g., the python.pth file is not affected...

python3.11-setuptools security update

65.5.1-4 - Security fix for CVE-2025-47273 Resolves: RHEL-101113...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1733)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1764)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2025:02597-1 Security update for python310

This update for python310 fixes the following issues: - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705...

AZL-65984 CVE-2025-8194 affecting package python3 for versions less than 3.9.19-15

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

CLSA-2025-1753209568 python3: Fix of 5 CVEs

CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4435, CVE-2025-4517: fix multiple tarfile extraction filter bypasses filter="tar"/filter="data"...