CBL Mariner 2.0 Security Update: grpc / python-gevent (CVE-2020-22217)

The version of grpc / python-gevent installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-22217 advisory. - Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply i...

OPENSUSE-SU-2024:13254-1 python-gevent-doc-23.9.0-1.1 on GA media

These are all security issues fixed in the python-gevent-doc-23.9.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13890-1 python-gevent-doc-24.2.1-1.1 on GA media

These are all security issues fixed in the python-gevent-doc-24.2.1-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 7 : python-gevent (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-gevent: privilege escalation via a crafted script to the WSGIServer component CVE-2023-41419 Note that Nessu...

RHEL 7 : python-gevent (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-gevent: privilege escalation via a crafted script to the WSGIServer component CVE-2023-41419 Note that Nessu...

RHEL 9 : Red Hat OpenStack Platform 17.1.1 (python-gevent) (RHSA-2023:7438)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:7438 advisory. gevent is a coroutine-based Python networking library that uses greenlet to provide a high-level synchronous API on top of libevent event loop...

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

CVE-2021-22931 affecting package python-gevent for versions less than 21.1.2-3

CVE-2021-22931 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

CVE-2023-31130 affecting package python-gevent for versions less than 21.1.2-3

CVE-2023-31130 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

CVE-2024-25629 affecting package python-gevent for versions less than 21.1.2-3

CVE-2024-25629 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

CVE-2023-31147 affecting package python-gevent for versions less than 21.1.2-3

CVE-2023-31147 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

AZL-34463 CVE-2024-25629 affecting package python-gevent for versions less than 21.1.2-3

c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...

AZL-35132 CVE-2024-25629 affecting package python-gevent for versions less than 23.9.1-4

c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...

AZL-35133 CVE-2024-24806 affecting package python-gevent for versions less than 23.9.1-3

libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be exploited to create addresses...

CVE-2022-4904 affecting package python-gevent for versions less than 21.1.2-3

CVE-2022-4904 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

CVE-2023-32067 affecting package python-gevent for versions less than 21.1.2-3

CVE-2023-32067 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

CVE-2020-22217 affecting package python-gevent for versions less than 21.1.2-1

CVE-2020-22217 affecting package python-gevent for versions less than 21.1.2-1. A patched version of the package is available...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.1 (python-gevent) security update

An update for python-gevent is now available for Red Hat OpenStack Platform 17.1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

python-gevent: privilege escalation via a crafted script to the WSGIServer component

A flaw was found in python-event, which could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in the WSGIServer component. By using a specially crafted script, an attacker can gain elevated privileges...

CVE-2023-41419 affecting package python-gevent for versions less than 1.3.6-9

CVE-2023-41419 affecting package python-gevent for versions less than 1.3.6-9. A patched version of the package is available...