MiracleLinux 8 : python3-3.6.8-56.el8_9.3.ML.1 (AXSA:2024-7427:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7427:02 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding...

MiracleLinux 8 : python3-3.6.8-31.el8 (AXSA:2021-1204:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1204:01 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: infinite loop in the tarfile module via...

MiracleLinux 9 : python-setuptools-53.0.0-10.el9.1 (AXSA:2023-5193:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5193:02 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-4453:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4453:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.1 (AXSA:2024-8484:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8484:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

MiracleLinux 9 : python3.11-3.11.2-2.el9.2 (AXSA:2023-6478:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6478:03 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python-cryptography-3.2.1-6.el8 (AXSA:2023-7257:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7257:04 advisory. python-cryptography: memory corruption via immutable objects CVE-2023-23931 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : python-2.7.5-94.0.1.el7.AXS7 (AXSA:2023-6577:43)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6577:43 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python-pillow-5.1.1-12.el8 (AXSA:2020-528:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-528:03 advisory. python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 CVE-2020-11538 python-pillow: out-of-bounds read ...

MiracleLinux 8 : python3.12-3.12.5-2.el8_10 (AXSA:2024-8842:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8842:07 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 cpython: python: email module doesn't properly quotes newlines in email headers, allowi...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8950:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8950:01 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 7 : python-twisted-web-12.1.0-7.el7 (AXSA:2020-025:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-025:01 advisory. python-twisted: HTTP request smuggling when presented with two Content-Length headers CVE-2020-10108 python-twisted: HTTP request smuggling when...

MiracleLinux 9 : python3.11-urllib3-1.26.12-2.el9_5.2 (AXSA:2024-9498:06)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9498:06 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 Tenable has extracted the preceding descriptio...

MiracleLinux 9 : python3.11-cryptography-37.0.2-6.el9 (AXSA:2024-7976:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7976:01 advisory. python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8429:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8429:01 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 python-cryptography: memory corruption via immutable...

MiracleLinux 7 : python-flask-0.10.1-7.el7 (AXSA:2023-5938:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5938:01 advisory. flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header CVE-2023-30861 Tenable has extracted the preceding description bloc...

MiracleLinux 9 : python3.12-3.12.1-4.el9_4.4 (AXSA:2024-8949:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8949:08 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : python27:2.7 (AXSA:2024-7348:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7348:01 advisory. python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python27:2.7 (AXSA:2020-969:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-969:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python: Cookie domain check...

MiracleLinux 7 : python-virtualenv-15.1.0-4.el7 (AXSA:2020-4513:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4513:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python-urllib3: CRLF injection...