Fedora 37 : python3-docs / python3.11 (2022-a9a4c48d06)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2022-a9a4c48d06 advisory. The final release of Python 3.11.0. Contains security fix for CVE-2022-42919. Tenable has extracted the preceding description block directly from th...

Fedora 37 : python3-docs / python3.11 (2022-dbb811d203)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-dbb811d203 advisory. Update to 3.11.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2024-767)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-767 advisory. In imagingcms.c, two strcpy calls were able to copy too much data into fixed length strings. This has been fixed by using strncpy instead. CVE-2024-28219 Tenable has extracted the preceding description...

Fedora 37 : mingw-python3 (2022-79843dfb3c)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-79843dfb3c advisory. Update to python-3.10.8. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Amazon Linux 2023 : python3-idna (ALAS2023-2024-763)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-763 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description block directly from the tested product...

Fedora 41 : mingw-python3 (2024-48fd84da22)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-48fd84da22 advisory. Backport patch for CVE-2024-8088 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2024-764)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-764 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Tenable has extracted the preceding description block directly from the tested product...

Fedora 37 : mingw-python3 (2022-3e859b6bc6)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-3e859b6bc6 advisory. Backport patch for CVE-2022-45061. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-2911)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-2892)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-5cf9589726)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Path Traversal in Lfprojects Mlflow

CVE-2024-2928 Arbitrary file read exploit for CVE-2024-2928 in...

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2024-2911)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is...

SUSE: Security Advisory (SUSE-SU-2024:3944-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2024-2892)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is...

SUSE-SU-2024:3944-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment bsc1232241. Bug fixes: - Drop .pyc files from docdir for reproducible builds bsc1230906...

SUSE: Security Advisory (SUSE-SU-2024:3879-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2024:3879-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3879-1 advisory. Security fixes: - CVE-2024-9287: properly quote path names provided when creating a virtual environment...

openSUSE Security Advisory (SUSE-SU-2024:3879-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for python3

This update for python3 fixes the following issues: Security fixes: CVE-2024-9287: properly quote path names provided when creating a virtual environment bsc1232241 Other fixes: Drop .pyc files from docdir for reproducible builds bsc1230906 Patch Instructions: To install this SUSE update use the...