Moderate: Red Hat Security Advisory: python3-setuptools security update

An update for python3-setuptools is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 7 : python3-setuptools (RHSA-2025:11607)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:11607 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

[SECURITY] Fedora 42 Update: mingw-python3-3.11.13-2.fc42

MinGW Windows python3...

Fedora 41 : mingw-python3 (2025-1941db8ecb)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1941db8ecb advisory. Backport fix for CVE-2025-6069. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Fedora: Security Advisory (FEDORA-2025-c871432bf3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : mingw-python3 (2025-c871432bf3)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c871432bf3 advisory. Backport fix for CVE-2025-6069. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Fedora: Security Advisory (FEDORA-2025-1941db8ecb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for python3

This update for python3 fixes the following issues: CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the...

Azure Linux 3.0 Security Update: python3 (CVE-2025-4516)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4516 advisory. - There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not usin...

CBL Mariner 2.0 Security Update: python3 (CVE-2024-4030)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4030 advisory. - On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict readin...

CBL Mariner 2.0 Security Update: python3 (CVE-2025-50181)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-50181 advisory. - urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable...

CBL Mariner 2.0 Security Update: python3 (CVE-2025-4517)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4517 advisory. - Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data. You...

CBL Mariner 2.0 Security Update: python3 (CVE-2025-4516)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4516 advisory. - There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not usin...

Azure Linux 3.0 Security Update: python3 (CVE-2025-4517)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4517 advisory. - Allows arbitrary filesystem writes outside the extraction directory during extraction with filter=data. You...

Azure Linux 3.0 Security Update: python3 (CVE-2025-4330)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4330 advisory. - Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination...

CBL Mariner 2.0 Security Update: python3 (CVE-2025-6069)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6069 advisory. - The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malform...

CBL Mariner 2.0 Security Update: python3 (CVE-2025-4330)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4330 advisory. - Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination...

Azure Linux 3.0 Security Update: python3 (CVE-2024-4030)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4030 advisory. - On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict readin...

CBL Mariner 2.0 Security Update: python3 (CVE-2023-5752)

The version of python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5752 advisory. - When installing a package from a Mercurial VCS URL ie pip install hg+... with pip prior to v23.3, the...

Azure Linux 3.0 Security Update: python3 (CVE-2023-5752)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5752 advisory. - When installing a package from a Mercurial VCS URL ie pip install hg+... with pip prior to v23.3, the...