Fedora 39 : mingw-python3 (2024-fefc75bce4)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-fefc75bce4 advisory. Backport fix for CVE-2024-4032. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 40 : mingw-python3 (2024-1ecab28e50)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1ecab28e50 advisory. Backport fix for CVE-2024-4032. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Important: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...

openSUSE Security Advisory (SUSE-SU-2024:1639-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

Proof of conc...

SUSE-SU-2024:2375-1 Security update for python3-cryptography

This update for python3-cryptography fixes the following issues: - CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS7 bundle bsc1217592...

Exploit for Protection Mechanism Failure in Artifex Ghostscript

PoC exploit for CVE-2024-29510, a Ghostscript format string vuln...

Important: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

RHEL 8 : python3 (RHSA-2024:4406)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4406 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

Directus GraphQL Field Duplication Denial of Service (DoS)

Summary A denial of service DoS attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single query. This can cause the server to perform redundant computations and...

Important: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 8 : python3 (RHSA-2024:4370)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4370 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Fedora 40 : python3-docs / python3.12 (2024-486cb71423)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-486cb71423 advisory. Update to 3.12.4, fix CVE-2024-4032 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

Oracle Linux 8 : python3 (ELSA-2024-4243)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4243 advisory. 3.12.3-2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40776 3.12.3-1 - Update to 3.12.3 Related: RHEL-33685 3.12.2-3 - Move all te...

CBL Mariner 2.0 Security Update: python3 (CVE-2024-0450)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0450 advisory. - An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and...

Oracle Linux 8 : python-pillow (ELSA-2024-4227)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4227 advisory. 5.1.1-21 - Security fix for CVE-2024-28219 Resolves: RHEL-31071 Tenable has extracted the preceding description block directly from the Oracle Linux security...

python3 security update

1.1.0-3 - Security fix for CVE-2024-36039 Resolves: RHEL-38366...

Oracle Linux 8 : python-jinja2 (ELSA-2024-4231)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4231 advisory. 2.10.1-5 - Security fix for CVE-2024-34064 Resolves: RHEL-35651 Tenable has extracted the preceding description block directly from the Oracle Linux security...

AlmaLinux 8 : python3 (ALSA-2024:4243)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4243 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 Tenable has extracted the preceding description block directly fro...

AlmaLinux 8 : python3 (ALSA-2024:4245)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:4245 advisory. python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 Tenable has extracted the preceding description block directly from the AlmaLinux...