CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities; these vulnerabilities arise from failing to retain parentheses when folding long comments in email headers that only contain non-folding characters. This can lead to the...

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from the possibility of injecting additional commands through line breaks when user-controlled commands are passed...

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, where user-controlled headers containing line breaks can lead to HTTP header injection attacks...

MiracleLinux 9 : python-setuptools-53.0.0-10.el9.1 (AXSA:2023-5193:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5193:02 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8745:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8745:01 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 pypa/setuptools: Remote code execution via download functions in the packageindex modul...

MiracleLinux 9 : python3.11-3.11.11-2.el9_6.2 (AXSA:2025-10821:09)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10821:09 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python3.11-PyMySQL-1.0.2-2.el8_10 (AXSA:2024-8537:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8537:01 advisory. python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python27:2.7 (AXSA:2024-7348:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7348:01 advisory. python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : python3.12-3.12.1-4.el9_4.4 (AXSA:2024-8949:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8949:08 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 9 : python3.11-cryptography-37.0.2-6.el9 (AXSA:2024-7976:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7976:01 advisory. python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : python-flask-0.10.1-7.el7 (AXSA:2023-5938:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5938:01 advisory. flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header CVE-2023-30861 Tenable has extracted the preceding description bloc...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-4453:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4453:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : python3-3.6.8-56.el8_9.3.ML.1 (AXSA:2024-7427:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7427:02 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.1 (AXSA:2024-8484:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8484:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

Ubuntu: Security Advisory (USN-7916-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7955-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 8 : python38:3.8 (AXSA:2021-2422:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2422:01 advisory. python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 python-lxml: mXSS due to the use of improper parser...

MiracleLinux 7 : python-2.7.5-88.0.1.el7.AXS7 (AXSA:2020-4713:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4713:15 advisory. python: Cookie domain check returns incorrect results CVE-2018-20852 python: email.utils.parseaddr wrongly parses email addresses CVE-2019-16056...

MiracleLinux 7 : python-flask-0.10.1-5.el7 (AXSA:2020-4499:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4499:01 advisory. python-flask: Denial of Service via crafted JSON file CVE-2018-1000656 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python-pip-9.0.3-18.el8 (AXSA:2020-1044:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-1044:05 advisory. python-pip: directory traversal in downloadhttpurl function in src/pip/internal/download.py CVE-2019-20916 Tenable has extracted the preceding description...