Oracle Linux 9 : python3.12-urllib3 (ELSA-2026-1088)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-1088 advisory. - Security fix for CVE-2025-66471 - Security fix for CVE-2025-66418 Tenable has extracted the preceding description block directly from the Oracle Linu...

[SECURITY] Fedora 42 Update: python3.12-3.12.12-3.fc42

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

Fedora 42 : python3.12 (2026-f8f1b315d0)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f8f1b315d0 advisory. Security fix for CVE-2025-13836 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

MiracleLinux 8 : python3.12-urllib3-1.26.19-1.el8_10 (AXSA:2024-8976:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8976:01 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 Tenable has extracted the preceding description bloc...

Fedora: Security Advisory (FEDORA-2026-8e0e785a72)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHSA-2026:0353 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

RHSA-2025:14546 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

Important: python3.12

Issue Overview: There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously...

Medium: python3.12-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An...

python3.12-setuptools security update

68.2.2-5 - Security fix for CVE-2025-47273 Resolves: RHEL-101118...

Oracle Linux 9 : python3.12-setuptools (ELSA-2025-12834)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12834 advisory. 68.2.2-5 - Security fix for CVE-2025-47273 Resolves: RHEL-101118 Tenable has extracted the preceding description block directly from the Oracle Linux security...

RHEL 9 : python3.12-setuptools (RHSA-2025:12834)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:12834 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

RockyLinux 9 : python3.12 (RLSA-2025:3631)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3631 advisory. cpython: python: Uncontrolled CPU resource consumption when in http.cookies module CVE-2024-7592 Tenable has extracted the preceding description block directly fr...

RockyLinux 8 : python3.12 (RLSA-2025:10031)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10031 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

RockyLinux 8 : python3.12-setuptools (RLSA-2025:11044)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:11044 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 Tenable has extracted the preceding description block directly from the...

Oracle Linux 8 : python3.12-setuptools (ELSA-2025-11044)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11044 advisory. 68.2.2-5 - Security fix for CVE-2025-47273 Resolves: RHEL-101131 Tenable has extracted the preceding description block directly from the Oracle Linux security...

AlmaLinux 8 : python3.12-setuptools (ALSA-2025:11044)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:11044 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 Tenable has extracted the preceding description block directly from the AlmaLin...

Moderate: Red Hat Security Advisory: python3.12-setuptools security update

An update for python3.12-setuptools is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 8 : python3.12-setuptools (RHSA-2025:11044)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11044 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2025-1083)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1083 advisory. Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to...