RHEL 9 : python3.11 (RHSA-2026:1892)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1892 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

Oracle Linux 10 : python3.12 (ELSA-2026-1828)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1828 advisory. - Security fix for CVE-2025-13836 Resolves: RHEL-140978 Tenable has extracted the preceding description block directly from the Oracle Linux security...

RHEL 8 : python3 (RHSA-2026:1620)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1620 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RHEL 8 : python3 (RHSA-2026:1631)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1631 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2026:0337-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0337-1 advisory. - Modified CVE-2025-6075 fix to not use re.ASCII flag not available in Python 2.7 bsc1257064. Tenable has extracted the preceding...

CLEANSTART-2026-MB75553 vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record

Multiple security vulnerabilities affect the playwright-python package. A vulnerability was found in Avahi, where a reachable assertion exists in avahidnspacketappendrecord. See references for individual vulnerability details...

AlmaLinux 9 : python3.12 (ALSA-2026:1408)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1408 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

RHEL 8 : python3 (RHSA-2026:1558)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1558 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RHEL 7 : python (RHSA-2026:1537)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1537 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RHEL 9 : python3.12 (RHSA-2026:1408)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1408 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

SUSE CVE-2026-0994

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

Azure Linux 3.0 Security Update: python3 (CVE-2024-12254)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12254 advisory. - Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not pause writing an...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-3597:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3597:01 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Tenable has extracted the preceding description block direct...

MiracleLinux 8 : python3-3.6.8-51.el8.1.ML.1 (AXSA:2023-6176:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6176:05 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.3 (AXSA:2024-8606:19)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8606:19 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python3-3.6.8-62.el8.ML.1 (AXSA:2024-8353:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8353:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

MiracleLinux 8 : python3-3.6.8-45.el8.ML.1 (AXSA:2022-3487:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3487:01 advisory. python: ftplib should not use the host from the PASV response CVE-2021-4189 python: urllib: HTTP client possible infinite loop on a 100 Continue...

MiracleLinux 9 : python3.9-3.9.16-1.el9.1 (AXSA:2023-6033:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6033:03 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the MiracleLinux security...