SUSE-SU-2024:1657-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2023-52425: Fixed etree XMLPullParser tests for Expat =2.6.0 with reparse deferral bsc1219559...

Important: python3

Issue Overview: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can r...

Amazon Linux 2 : python3 (ALAS-2024-2541)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2541 advisory. An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18...

SUSE: Security Advisory (SUSE-SU-2024:1657-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : SQL parse vulnerability (USN-6771-1)

The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6771-1 advisory. It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause a denial of...

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2024-616)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-616 advisory. An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference...

openSUSE: Security Advisory for sssd (SUSE-SU-2024:1578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2024-610)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-610 advisory. An issue was discovered in some DNS recursive resolvers that allows remote attackers to cause a denial of service using a maliciously designed authority and response amplification. CVE-2024-33655 Tenabl...

Exploit for Cross-site Scripting in Phpmyfaq

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

Exploit for Insecure Default Initialization of Resource in Apache Superset

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

SUSE: Security Advisory (SUSE-SU-2024:1557-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:0901-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:0850-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Path Traversal in Jenkins

CVE-2024-23897 Jenkins CVE-2024-23897: Arbitrary...

Moderate Photon OS Security Update - PHSA-2024-3.0-0754

Updates of 'ruby', 'python3-pycryptodomex' packages of Photon OS have been released...

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2024-604)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-604 advisory. A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over...

Ubuntu 24.04 LTS. : Pillow vulnerability (USN-6744-3)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by a vulnerability as referenced in the USN-6744-3 advisory. USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding description...

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2024-605)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-605 advisory. An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to quoted-overlap zip-bombs which exploit the...

Exploit for Cross-site Scripting in Sap Knowledge_Warehouse

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5208)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5208 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...