USN-7015-1: Python vulnerabilities

It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. CVE-2023-27043 It was discovered that Python allowed excessive backtracking while parsing...

USN-6928-1: Python vulnerabilities

It was discovered that the Python ssl module contained a memory race condition when handling the APIs to obtain the CA certificates and certificate store statistics. This could possibly result in applications obtaining wrong results, leading to various SSL issues. CVE-2024-0397 It was discovered...

Ubuntu 20.04 LTS / 22.04 LTS : Python vulnerabilities (USN-6928-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6928-1 advisory. It was discovered that the Python ssl module contained a memory race condition when handling the APIs to obtain the CA certificates and...

USN-6891-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. CVE-2015-20107 It was discovered that Python incorrectly used regular expressions vulnerable to...

USN-6891-1 python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12 vulnerabilities

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. CVE-2015-20107 It was discovered that Python incorrectly used regular expressions vulnerable to...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : Python vulnerabilities (USN-6891-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6891-1 advisory. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use...

F5 Networks BIG-IP : Python vulnerabilities (K000139698)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139698 advisory. - Integer overflow in the getdata function in zipimport.c in CPython aka Python before 2.7.12, 3.x before...

Fedora 40 : pypy3.10 (2023-c729dabeb1)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c729dabeb1 advisory. Automatic update for pypy3.10-7.3.12-1.3.10.fc40. Changelog Wed Jul 26 2023 Miro Hronok - 7.3.12-1.3.10 - Initial PyPy 3.10 package Wed Jul 26 2023...

SUSE SLES15 / openSUSE 15 Security Update : python39 (SUSE-SU-2024:0784-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0784-1 advisory. - xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into...

Fedora 38 : python3.12 (2023-c0bf8c0c4e)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c0bf8c0c4e advisory. Security fix for CVE-2023-27043 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2023:4001-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4001-1 advisory. - An XML External Entity XXE issue was discovered in Python through 3.9.1. The plistlib module no longer accep...

Oracle Linux 8 : python27:2.7 (ELSA-2020-1605)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1605 advisory. - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect...

Oracle Linux 8 : python27:2.7 (ELSA-2019-3335)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3335 advisory. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker...

Oracle Linux 6 : python (ELSA-2011-0554)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0554 advisory. - rebase to 2.6.6: which contains the big whitespace cleanup of r81031 http://www.python.org/download/releases/2.6.6/ - fixup patch 102, patch 11, patc...

Medium: python3.9

Issue Overview: A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16,...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2023:0748-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0748-1 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into...

SUSE SLES15 / openSUSE 15 Security Update : python39 (SUSE-SU-2023:0707-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0707-1 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in t...

USN-5888-1 python3.9 vulnerabilities

It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2015-20107 Hamza Avvan discovered that Python incorrectly...

USN-5888-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2015-20107 Hamza Avvan discovered that Python incorrectly...

USN-5767-1: Python vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-37454 ...