CVE-2022-45061 affecting package python3 for versions less than 3.9.14-5

CVE-2022-45061 affecting package python3 for versions less than 3.9.14-5. A patched version of the package is available...

CVE-2022-37454 affecting package python3 for versions less than 3.9.14-5

CVE-2022-37454 affecting package python3 for versions less than 3.9.14-5. A patched version of the package is available...

laZzzy - Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques

laZzzy is a shellcode loader that demonstrates different execution techniques commonly employed by malware. laZzzy was developed using different open-source header-only libraries. Features Direct syscalls and native Nt functions not all functions but most Import Address Table IAT evasion Encrypte...

CVE-2022-46609

Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well ...

Design/Logic Flaw

Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well ...

CVE-2022-46609

Python3-RESTfulAPI commit d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well ...

CVE-2022-46609

The CVE-2022-46609 entry concerns Python3-RESTfulAPI, affecting the code path in the project tied to commits d9907f14e9e25dcdb54f5b22252b0e9452e3970e and e772e0beee284c50946e94c54a1d43071ca78b74. A root cause is described as a code execution backdoor introduced via the request package, enabling a...

Denial Of Service (DoS)

python3 is vulnerable to denial of service DoS attacks. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2022-2805)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : python3 (EulerOS-SA-2022-2805)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This...

Slackware: Security Advisory (SSA:2022-341-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] python3

New python3 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/python3-3.9.16-i586-1slack15.0.txz: Upgraded. This update fixes security issues: gh-98739: Updated bundled libexpat to 2.5.0 to fix...

Amazon Linux 2 : python3 (ALAS-2022-1896)

The version of python3 installed on the remote host is prior to 3.7.15-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1896 advisory. 2025-02-11: CVE-2021-28861 was added to this advisory. A flaw was found in python. In algorithms with quadratic time...

Amazon Linux 2 : python3 (ALAS-2022-1897)

The version of python3 installed on the remote host is prior to 3.7.15-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1897 advisory. The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows...

Slackware Linux 15.0 / current python3 Multiple Vulnerabilities (SSA:2022-341-01)

The version of python3 installed on the remote host is prior to 3.9.16. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-341-01 advisory. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the...

Important: python3

Issue Overview: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. CVE-2022-37454 Affected...

[SECURITY] Fedora 37 Update: mingw-python3-3.10.8-2.fc37

MinGW Windows python3 library...

[SECURITY] Fedora 36 Update: mingw-python3-3.10.8-2.fc36

MinGW Windows python3 library...

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2022:4281-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4281-1 advisory. - An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF...

SUSE SLES12 Security Update : python3 (SUSE-SU-2022:4274-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4274-1 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system cou...