MiracleLinux 7 : python-pip-9.0.3-7.el7 (AXSA:2020-4518:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4518:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python-urllib3: CRLF injection...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.1 (AXSA:2024-8483:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8483:16 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : python3.11-3.11.7-1.el9.ML.1 (AXSA:2024-7974:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7974:03 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding...

MiracleLinux 9 : python-mako-1.1.4-6.el9 (AXSA:2023-5414:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5414:01 advisory. python-mako: REDoS in Lexer class CVE-2022-40023 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 8 : python27:2.7 (AXSA:2022-4445:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4445:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107. Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : python-pillow-2.0.0-21.gitd1c6db8.el7 (AXSA:2020-560:04)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-560:04 advisory. python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images CVE-2020-5313 Tenable has extracted the preceding description block directly fro...

MiracleLinux 9 : python3.11-3.11.9-7.el9 (AXSA:2024-9265:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9265:28 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: cpython: Iterating over a malicious ZIP fil...

MiracleLinux 8 : python3-3.6.8-56.el8_9.3.ML.1 (AXSA:2024-7427:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7427:02 advisory. python: Parsing errors in email/parseaddr.py lead to incorrect value in email address part of tuple CVE-2023-27043 Tenable has extracted the preceding...

MiracleLinux 8 : python3-3.6.8-31.el8 (AXSA:2021-1204:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1204:01 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: infinite loop in the tarfile module via...

MiracleLinux 9 : python-setuptools-53.0.0-10.el9.1 (AXSA:2023-5193:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5193:02 advisory. pypa-setuptools: Regular Expression Denial of Service ReDoS in packageindex.py CVE-2022-40897 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-4453:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4453:01 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.1 (AXSA:2024-8484:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8484:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

MiracleLinux 9 : python3.11-3.11.2-2.el9.2 (AXSA:2023-6478:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6478:03 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python-cryptography-3.2.1-6.el8 (AXSA:2023-7257:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7257:04 advisory. python-cryptography: memory corruption via immutable objects CVE-2023-23931 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : python-2.7.5-94.0.1.el7.AXS7 (AXSA:2023-6577:43)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6577:43 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : python-pillow-5.1.1-12.el8 (AXSA:2020-528:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-528:03 advisory. python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 CVE-2020-11538 python-pillow: out-of-bounds read ...

MiracleLinux 8 : python3.12-3.12.5-2.el8_10 (AXSA:2024-8842:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8842:07 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 cpython: python: email module doesn't properly quotes newlines in email headers, allowi...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8950:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8950:01 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 7 : python-twisted-web-12.1.0-7.el7 (AXSA:2020-025:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-025:01 advisory. python-twisted: HTTP request smuggling when presented with two Content-Length headers CVE-2020-10108 python-twisted: HTTP request smuggling when...

MiracleLinux 9 : python3.11-urllib3-1.26.12-2.el9_5.2 (AXSA:2024-9498:06)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9498:06 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 Tenable has extracted the preceding descriptio...