EulerOS 2.0 SP12 : python3 (EulerOS-SA-2025-1179)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted...

Azure Linux 3.0 Security Update: python3 (CVE-2023-6597)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6597 advisory. - An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7,...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-1143)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1179)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : python3-docs / python3.13 (2025-e911f71d99)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-e911f71d99 advisory. Update to 3.13.2 ---- Statically build the datetime module into libpython. This fixes a segfault when importing it from Python 3.13.0 updated to 3.13.1+ whil...

Amazon Linux 2023 : python3-virtualenv (ALAS2023-2025-831)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-831 advisory. virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1098)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1111)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: python3

Issue Overview: CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due ...

Amazon Linux 2 : python3 (ALAS-2025-2743)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2743 advisory. CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for th...

[SECURITY] Fedora 40 Update: buku-4.9-1.fc40

Buku is a powerful bookmark manager written in Python3 and SQLite3. Buku fetches the title of a bookmarked web page and stores it along with any additional comments and tags. You can use your favourite editor to compose and update bookmarks. With multiple search options, including regex and a dee...

AZL-56231 CVE-2025-0938 affecting package python3 for versions less than 3.12.9-1

The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...

CVE-2023-27043 affecting package python3 for versions less than 3.12.0-1

CVE-2023-27043 affecting package python3 for versions less than 3.12.0-1. A patched version of the package is available...

CVE-2007-4559 affecting package python3 for versions less than 3.9.19-1

CVE-2007-4559 affecting package python3 for versions less than 3.9.19-1. A patched version of the package is available...

Important: python3-jinja2

Issue Overview: Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

BIT-PYTHON-MIN-2020-15523

In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4, and 3.9 through 3.9.0 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading after...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1027)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2025-1059)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1059)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python3 (EulerOS-SA-2025-1042)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822...