AlmaLinux 9 : python3.11 (ALSA-2024:4077)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4077 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 Tenable has extracted the preceding description block directly from the AlmaLinux security...

Oracle Linux 9 : python3.11 (ELSA-2024-4077)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4077 advisory. - Security fix for CVE-2023-6597 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has no...

AlmaLinux 8 : python3.11 (ALSA-2024:4058)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:4058 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of service...

Oracle Linux 8 : python3.11 (ELSA-2024-4058)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4058 advisory. - Security fixes for CVE-2023-6597 and CVE-2024-0450 Tenable has extracted the preceding description block directly from the Oracle Linux security...

python3.11-pip bug fix and enhancement update

An update is available for python3.11-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

RLSA-2024:2986 Moderate: python3.11-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 For more details about the security issues, including the impact, a CVSS...

RHEL 9 : python3.11-pip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pygments: ReDoS in pygments CVE-2022-40896 Note that Nessus has not tested for this issue but has instead relied on...

RHEL 8 : python3.11-pip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pygments: ReDoS in pygments CVE-2022-40896 Note that Nessus has not tested for this issue but has instead relied on...

Oracle Linux 8 : python3.11-urllib3 (ELSA-2024-2986)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2986 advisory. 1.26.12-2 - Security fix for CVE-2023-43804 Resolves: RHEL-11996 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : python3.11 (ELSA-2024-3062)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3062 advisory. 3.11.7-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.7-1 - Rebase to 3.11.7 Resolves: RHEL-21915 3.11.5-2 - Security fix for CVE-2023-27043...

Oracle Linux 8 : python3.11-cryptography (ELSA-2024-3105)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3105 advisory. - Security fix for CVE-2023-49083 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

RHEL 8 : python3.11-cryptography (RHSA-2024:3105)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3105 advisory. The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and...

RHEL 8 : python3.11 (RHSA-2024:3062)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3062 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

CentOS 8 : python3.11 (CESA-2024:3062)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3062 advisory. - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is...

CentOS 8 : python3.11-urllib3 (CESA-2024:2986)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:2986 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies ov...

CentOS 8 : python3.11-cryptography (CESA-2024:3105)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3105 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or...

Important: python3.11

Issue Overview: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can r...

python3.11-cryptography security update

An update is available for python3.11-cryptography. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-cryptography packages contain a Python Cryptograph...

Oracle Linux 9 : python3.11 (ELSA-2024-2292)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2292 advisory. 3.11.7-1 - Rebase to 3.11.7 Resolves: RHEL-20233 3.11.5-2 - Security fix for CVE-2023-27043 Resolves: RHEL-21325 Tenable has extracted the preceding description...

python3.11-urllib3 security update

1.26.12-2 - Security fix for CVE-2023-43804 Resolves: RHEL-12003...