Alibaba Cloud Linux 3 : 0272: python3.11-pip (ALINUX3-SA-2024:0272)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0272 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2007-4559: Directory traversal vulnerability in...

Medium: python3.11-pip

Issue Overview: Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. CVE-2007-4559...

Medium: python3.11-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

Medium: python3.11-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python3.11-pip Issue Correction: Run dnf update python3.11-pip --releasever 2023.6.20241111 to update your system. New Packages: noarch: ...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2024-762)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-762 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description block directly from the tested product...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2024-729)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-729 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However...

RHSA-2023:6914 Red Hat Security Advisory: python3.11-pip security update

Bulletin has no description...

python3.11-pip bug fix and enhancement update

An update is available for python3.11-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

RHEL 9 : python3.11-pip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pygments: ReDoS in pygments CVE-2022-40896 Note that Nessus has not tested for this issue but has instead relied on...

RHEL 8 : python3.11-pip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pygments: ReDoS in pygments CVE-2022-40896 Note that Nessus has not tested for this issue but has instead relied on...

python3.11-pip bug fix and enhancement update

An update is available for python3.11-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list pip is a package management system used to install and manage software...

Oracle Linux 8 : python3.11-pip (ELSA-2023-6914)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6914 advisory. - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218249 Tenable has extracted the preceding description block directly fro...

Oracle Linux 9 : python3.11-pip (ELSA-2023-6324)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6324 advisory. - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218247 Tenable has extracted the preceding description block directly fro...

Moderate: Red Hat Security Advisory: python3.11-pip security update

An update for python3.11-pip is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

python3.11-pip security update

22.3.1-4 - Use tarfile.datafilter for extracting CVE-2007-4559, PEP-721, PEP-706 Resolves: RHBZ2218247 22.3.1-3 - Fix changelog to contain Fedora contributors Resolves: RHEL-232...

RHEL 9 : python3.11-pip (RHSA-2023:6324)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6324 advisory. pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package...