CBL Mariner 2.0 Security Update: python3 (CVE-2024-11168)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-11168 advisory. - The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing hosts that...

Fedora 37 : mingw-python3 (2022-3e859b6bc6)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-3e859b6bc6 advisory. Backport patch for CVE-2022-45061. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

NewStart CGSL MAIN 6.02 : python3 Vulnerability (NS-SA-2024-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by a vulnerability: - Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client...

CentOS 8 : python3 (CESA-2024:0256)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0256 advisory. - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is...

Oracle Linux 8 : python3 (ELSA-2023-7151)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7151 advisory. - Security fix for CVE-2023-40217 Resolves: RHEL-3041 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 - Security fix for CVE-2023-24329...

Python 安全漏洞

Python is an open source object-oriented programming language. A privilege design vulnerability exists in the Chocolatey Python3 package v3.11.0 and earlier versions, which originates from all users in the Authenticated users group having write access to the subfolder C:\Python311 and all files i...

AZL-11503 CVE-2022-37454 affecting package python3 for versions less than 3.9.14-5

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface...

Oracle Linux 8 : python3 (ELSA-2022-1986)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1986 advisory. - Security fix for CVE-2021-4189: ftplib should not use the host from the PASV response Resolves: rhbz2036020 Tenable has extracted the preceding...

SUSE SLES12 Security Update : python3 (SUSE-SU-2022:1044-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1044-1 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue...

OPENSUSE-SU-2020:0940-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service bsc1173274. This update was imported from the SUSE:SLE-15:Update update project...