OPENSUSE-SU-2026:10117-1 python314-3.14.2-2.1 on GA media

These are all security issues fixed in the python314-3.14.2-2.1 package on the GA media of openSUSE Tumbleweed...

Oracle Linux 9 : python3.9 (ELSA-2026-1478)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1478 advisory. 3.9.25-3.0.1 - Remove upstream URL reference 3.9.25-3 - Security fix for CVE-2025-12084 Resolves: RHEL-135897 Tenable has extracted the preceding description...

RHEL 9 : python3.12 (RHSA-2026:1583)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1583 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

SUSE: Security Advisory (SUSE-SU-2026:0300-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : python3.12 (RHSA-2026:1582)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1582 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

openSUSE Security Advisory (SUSE-SU-2026:0307-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4458-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-f59e87ad88)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 9 : python3.9-3.9.25-3.el9_7 (AXSA:2026-095:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-095:01 advisory. cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service CVE-2025-12084 Tenable has extracted the preceding description blo...

AlmaLinux 8 : python-urllib3 (ALSA-2026:1254)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:1254 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

OPENSUSE-SU-2026:10116-1 python311-pypdf-6.6.2-1.1 on GA media

These are all security issues fixed in the python311-pypdf-6.6.2-1.1 package on the GA media of openSUSE Tumbleweed...

Fedora 43 : python-tinycss2 / weasyprint (2026-f59e87ad88)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-f59e87ad88 advisory. update to new upstream version including a fix for CVE-2025-68616 Tenable has extracted the preceding description block directly from the Fedora security...

ROS-20260129-73-0019

Vulnerability in python-ldap related to errors in neutralizing special elements. Exploitation of the vulnerability may allow an attacker to escalate privileges...

ROS-20260129-73-0027

Vulnerability in python-kdcproxy due to insufficient validation of incoming requests. Exploitation of the vulnerability could allow an attacker acting remotely to launch an ssrf attack...

ROS-20260129-73-0026

Vulnerability in python-kdcproxy related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260129-73-0044

Vulnerability in python-django related to failure to protect sql query structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260129-73-0020

Vulnerability in python-ldap due to a flaw in the output encoding or escaping mechanism. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...

ROS-20260129-73-0016

A vulnerability in the tarfile module of the Python Programming Language Interpreter CPython relates to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using specially crafted tar...

ROS-20260129-73-0015

A vulnerability in the html.parser.HTMLParser module of the Python programming language interpreter involves the use of a regular expression with inefficient computational complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71004 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71004 Source advisory: SNYK:PYTHON-ONEFLOW-15162566...