Lucene search

614 matches found

IBM Security Bulletins
added 2025/01/11 3:28 p.m., 13 views

Security Bulletin: A vulnerability in Python affects IBM Robotic Process Automation which may allow an attacker to launch additional attacks on the system (IBM X-Force ID: 273241)

Summary A vulnerability in Python affects IBM Robotic Process Automation which may allow an attacker to launch additional attacks on the system. This bulletin identifies the fix to address this vulnerability. Vulnerability Details IBM X-Force ID: 273241 DESCRIPTION: GitLab Runner could provide...

6.7 AI score
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2024/12/18 12:0 a.m., 10 views

RHEL 8 : python36:3.6 (RHSA-2024:11094)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:11094 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

8.4 CVSS, 7.8 AI score, 0.00226 EPSS
Exploits: 1, References: 4

Tenable Nessus
added 2024/12/18 12:0 a.m., 11 views

RHEL 8 : python36:3.6 (RHSA-2024:11091)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:11091 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

8.4 CVSS, 7.8 AI score, 0.00226 EPSS
Exploits: 1, References: 4

Tenable Nessus
added 2024/12/13 12:0 a.m., 6 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python312 (SUSE-SU-2024:4291-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4291-1 advisory. - CVE-2024-12254: Fixed unbounded memory buffering in SelectorSocketTransport.writelines bsc1234290 Other...

8.7 CVSS, 7.9 AI score, 0.00249 EPSS
Exploits: 0, References: 5

OpenVAS
added 2024/12/13 12:0 a.m., 18 views

Python DoS Vulnerability (Dec 2024) - Linux

Python is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

8.7 CVSS, 7.5 AI score, 0.00249 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2024/12/12 12:0 a.m., 7 views

Fedora 41 : python3.9 (2024-47e4624c89)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-47e4624c89 advisory. Python 3.9.21 security release. Security content in this release: - gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to...

7.8 CVSS, 7 AI score, 0.00061 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2024/12/12 12:0 a.m., 14 views

SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2024:4151-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4151-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...

6.3 CVSS, 6.6 AI score, 0.00552 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2024/12/12 12:0 a.m., 13 views

RHEL 8 : python3.11 (RHSA-2024:10979)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10979 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

7.8 CVSS, 7 AI score, 0.00061 EPSS
Exploits: 0, References: 5

Tenable Nessus
added 2024/12/12 12:0 a.m., 11 views

SUSE SLES12 Security Update : python (SUSE-SU-2024:4165-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4165-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...

6.3 CVSS, 6.6 AI score, 0.00552 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2024/12/11 12:0 a.m., 14 views

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2024-770)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-770 advisory. There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted...

7.5 CVSS, 6.9 AI score, 0.03014 EPSS
Exploits: 2, References: 4

Tenable Nessus
added 2024/12/11 12:0 a.m., 8 views

RHEL 8 : python36:3.6 (RHSA-2024:10953)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10953 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

8.4 CVSS, 7.8 AI score, 0.00226 EPSS
Exploits: 1, References: 4

vulnersOsv
added 2024/12/09 9:31 p.m., 0 views

01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +57 more potentially affected by CVE-2024-46455 via unstructured (>=0.10.10 <=0.14.2)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.1.0 and more Source cves: CVE-2024-46455 Source advisory: SNYK:PYTHON-UNSTRUCTURED-8492724...

9.8 CVSS, 6.5 AI score, 0.00106 EPSS
Exploits: 0

OSV
added 2024/12/06 4:15 p.m., 13 views

CVE-2024-12254

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7 CVSS, 6.6 AI score
Exploits: 0, References: 8

CNNVD
added 2024/12/06 12:0 a.m., 1 views

Python security vulnerability

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python 3.12.0 and later, which stems from the fact that the...

8.7 CVSS, 7.9 AI score, 0.00249 EPSS
Exploits: 0, References: 8

Tenable Nessus
added 2024/11/25 12:0 a.m., 6 views

RHEL 9 : python3.11-urllib3 (RHSA-2024:9922)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9922 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3:...

6.5 CVSS, 6.8 AI score, 0.00222 EPSS
Exploits: 1, References: 5

Ubuntu
added 2024/11/19 1:22 p.m., 252 views

USN-7116-1: Python vulnerability

It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated...

7.8 CVSS, 7.6 AI score, 0.00061 EPSS
Exploits: 0

Tenable Nessus
added 2024/11/19 12:0 a.m., 19 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Python vulnerability (USN-7116-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7116-1 advisory. It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control...

7.8 CVSS, 7.6 AI score, 0.00061 EPSS
Exploits: 0, References: 2

Amazon
added 2024/11/15 12:0 a.m., 1 views

Important: python3

Issue Overview: There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. CVE-2024-6232 Affected Packages: python3 Note: This advisory is...

7.5 CVSS, 7 AI score, 0.03014 EPSS
Exploits: 2

Tenable Nessus
added 2024/11/14 12:0 a.m., 12 views

Fedora 37 : python3.6 (2022-fbf6a320fe)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-fbf6a320fe advisory. Security fix for CVE-2022-45061: CPU denial of service via inefficient IDNA decoder Tenable has extracted the preceding description block directly from the...

7.5 CVSS, 7 AI score, 0.0013 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2024/11/14 12:0 a.m., 12 views

Fedora 37 : python3.8 (2022-18b234c18b)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-18b234c18b advisory. Update to 3.8.16 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

7.5 CVSS, 7 AI score, 0.0013 EPSS
Exploits: 1, References: 2