MiracleLinux 7 : python3-3.6.8-13.el7 (AXSA:2020-4552:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4552:01 advisory. python: Cookie domain check returns incorrect results CVE-2018-20852 python: email.utils.parseaddr wrongly parses email addresses CVE-2019-16056...

MiracleLinux 7 : python-2.7.5-93.0.1.el7.AXS7 (AXSA:2023-6068:37)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6068:37 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python3-3.6.8-31.el8 (AXSA:2021-1204:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1204:01 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: infinite loop in the tarfile module via...

MiracleLinux 9 : python3.12-3.12.5-2.el9.1 (AXSA:2024-9402:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9402:16 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 9 : python3.9-3.9.10-3.el9 (AXSA:2022-4535:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4535:03 advisory. python: int type in PyLongFromString does not limit amount of digits converting text to int leading to DoS CVE-2020-10735 Tenable has extracted the preceding...

MiracleLinux 7 : python-2.7.5-94.0.1.el7.AXS7 (AXSA:2023-6577:43)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6577:43 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : python3.11-3.11.5-1.el9_3 (AXSA:2023-6966:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6966:07 advisory. python: tarfile module directory traversal CVE-2007-4559 python: file path truncation at \0 characters CVE-2023-41105 Tenable has extracted the...

MiracleLinux 7 : python-2.7.5-94.0.3.el7.AXS7 (AXSA:2024-8926:48)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8926:48 advisory. CVE-2024-6232: fixed regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via...

MiracleLinux 8 : python3.12-3.12.5-2.el8_10 (AXSA:2024-8842:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8842:07 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 cpython: python: email module doesn't properly quotes newlines in email headers, allowi...

MiracleLinux 7 : python3-3.6.8-17.el7 (AXSA:2020-630:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-630:02 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: wrong backtracking in...

SUSE SLES12 Security Update : python (SUSE-SU-2026:0133-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0133-1 advisory. - CVE-2025-8291: check validity of the ZIP64 End of Central Directory EOCD in the 'zipfile' module bsc1251305. - CVE-2025-12084: prevent...

MiracleLinux 7 : python-2.7.5-38.0.1.el7.AXS7 (AXSA:2016-650:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-650:01 advisory. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes,...

MiracleLinux 4 : python-2.6.6-68.0.1.AXS4 (AXSA:2019-3919:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3919:02 advisory. python: Information Disclosure due to urlsplit improper NFKC normalization CVE-2019-9636 Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : python-2.7.5-76.0.1.el7.AXS7 (AXSA:2019-3684:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3684:02 advisory. python: DOS via regular expression backtracking in difflib.ISLINEJUNK method in difflib CVE-2018-1061 python: DOS via regular expression catastrophi...

K000159546: Python vulnerability CVE-2024-5642

Security Advisory Description CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : Python vulnerability (USN-7951-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7951-1 advisory. It was discovered that Python's http.client did not properly handle the Content-Length header in HTTP response...

MiracleLinux 9 : python3.11-3.11.9-7.el9_5.3 (AXSA:2025-9841:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9841:01 advisory. cpython: python: Uncontrolled CPU resource consumption when in http.cookies module CVE-2024-7592 Tenable has extracted the preceding description block direct...

MiracleLinux 9 : python3.9-3.9.21-2.el9 (AXSA:2025-10382:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10382:01 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the...

CVE-2020-10799

The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call...

CVE-2023-45167

IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service. IBM X-Force ID: 267965...