Fedora 36 : pypy3.9 (2023-097dd40685)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-097dd40685 advisory. Update to 7.3.11. See https://doc.pypy.org/en/latest/release-v7.3.11.html Security fix for CVE-2022-37454, CVE-2022-45061, CVE-2022-42919. Tenable h...

USN-5767-1: Python vulnerabilities

Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-37454 It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Python vulnerabilities (USN-5767-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5767-1 advisory. Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to caus...

SUSE SLED15 / SLES15 Security Update : python310 (SUSE-SU-2022:4004-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4004-1 advisory. - Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-...

SUSE SLED15 / SLES15 Security Update : python310 (SUSE-SU-2022:3473-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3473-1 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using...

SUSE SLES15 Security Update : python3 (SUSE-SU-2022:2351-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2351-1 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system...

Amazon Linux 2 : python (ALAS-2022-1802)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1802 advisory. In Python3's Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP. CVE-2020-27619 The...

openSUSE 15 Security Update : python (openSUSE-SU-2022:1091-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:1091-1 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issu...

Ubuntu 18.04 LTS : Python vulnerabilities (USN-5200-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5200-1 advisory. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially craft...

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2021:4104-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:4104-1 advisory. - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user...

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2021:4015-1)

The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:4015-1 advisory. - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user...

Python < 2.6.8, 2.7.x < 2.7.3, 3.1.x < 3.1.5, 3.2.x < 3.2.3 Hash DoS (bpo-13703) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2021:3489-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3489-1 advisory. - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such...

OPENSUSE-SU-2021:3489-1 Security update for python

This update for python fixes the following issues: - CVE-2021-3737: Fixed http client infinite line reading DoS after a http 100. bsc1189241 - CVE-2021-3733: Fixed ReDoS in urllib.request. bsc1189287...

USN-5083-1 python3.4, python3.5 vulnerabilities

It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. CVE-2021-3733 It was discovered that Python incorrectly handled certain server responses. An attacker could possibly u...

USN-5083-1: Python vulnerabilities

It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. CVE-2021-3733 It was discovered that Python incorrectly handled certain server responses. An attacker could possibly u...

Ubuntu 16.04 ESM : Python vulnerabilities (USN-5083-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5083-1 advisory. It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only...

F5 Networks BIG-IP : Python vulnerabilities (K57542514)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K57542514 advisory. Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an...

Security Bulletin: Vulnerabilities in Python, Tornado, and Urllib3 affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore

Summary IBM Spectrum Protect Plus Microsoft® File Systems backup and restore may be affected by vulnerabilities in Python, Tornado. and Urllib3 such as server-side request forgery, HTTP response splitting, buffer overflow, and man-in-the-middle attacks. Vulnerability Details CVEID: CVE-2021-29921...

Security Bulletin: Streams service for IBM Cloud Pak for Data might be affected by some underlying Python vulnerabilities

Summary Streams service for IBM Cloud Pak for Data might be affected by some underlying Python vulnerabilities Vulnerability Details CVEID: CVE-2020-8492 DESCRIPTION: Python is vulnerable to a denial of service, caused by a flaw in the urllib.request.AbstractBasicAuthHandler. By sending a special...