263 matches found
Amazon Linux 2 : python3 (ALAS-2025-2754)
The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2754 advisory. The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts, allowing hosts that weren't IPv6 ...
GHSA-5QJR-CJ9F-PHRX vulnerabilities
Vulnerabilities for packages: python...
GHSA-PH84-RCJ2-FXXM vulnerabilities
Vulnerabilities for packages: python...
GHSA-79WF-QGRG-2P6C vulnerabilities
Vulnerabilities for packages: python...
GHSA-GRQQ-HCC7-CRMR vulnerabilities
Vulnerabilities for packages: python...
Medium: python3
Issue Overview: The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts, allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser. CVE-2024-11168 There ...
Photon OS 3.0: Python PHSA-2024-3.0-0797
An update of the python package has been released. %NASLMINLEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0797. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python312 (SUSE-SU-2025:0521-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0521-1 advisory. - CVE-2025-0938: Functions urllib.parse.urlsplit and urlparse accept domain names including squa...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python311 (SUSE-SU-2025:0551-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0551-1 advisory. - CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse...
SUSE-SU-2025:0514-1 Security update for python
This update for python fixes the following issues: - CVE-2025-0938: functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705...
Security Bulletin: Multiple security vulnerabilities in Python affect IBM Robotic Process Automation
Summary Multiple security vulnerabilities in Python affect IBM Robotic Process Automation. Python is used by IBM Robotic Process Automation as part of Watson NLP. This bulletin identifies the fixes to resolve the vulnerabilities. Vulnerability Details CVEID:CVE-2024-49767 DESCRIPTION: Werkzeug is...
BIT-PYTHON-MIN-2022-26488
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabl...
Ubuntu: Security Advisory (USN-7212-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Ubuntu 20.04 LTS / 22.04 LTS : Python 2.7 vulnerabilities (USN-7212-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7212-1 advisory. It was discovered that Python incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service...
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2025-1010)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822...
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2025-1027)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822...
USN-7180-1: Python vulnerabilities
It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2022-48560 It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this...
Ubuntu 20.04 LTS / 22.04 LTS : Python vulnerabilities (USN-7180-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7180-1 advisory. It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cau...