MiracleLinux 7 : python-virtualenv-15.1.0-7.el7 (AXSA:2022-3284:03)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3284:03 advisory. python-pip: directory traversal in downloadhttpurl function in src/pip/internal/download.py CVE-2019-20916 Tenable has extracted the preceding description...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8498:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8498:01 advisory. python39:3.9/python39: python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python39:3.9/python39: python: The zipfile module is...

MiracleLinux 9 : python3.11-PyMySQL-1.0.2-2.el9 (AXSA:2024-9378:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9378:02 advisory. python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : python-cryptography-36.0.1-4.el9 (AXSA:2023-6725:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6725:03 advisory. python-cryptography: memory corruption via immutable objects CVE-2023-23931 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-3597:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3597:01 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Tenable has extracted the preceding description block direct...

MiracleLinux 8 : python3.11-3.11.2-2.el8.2 (AXSA:2023-6479:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6479:04 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.6 (AXSA:2024-8944:24)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8944:24 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

MiracleLinux 8 : python-lxml-4.2.3-2.el8 (AXSA:2021-1839:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1839:01 advisory. python-lxml: mXSS due to the use of improper parser CVE-2020-27783 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2023-6552:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6552:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : python3.11-3.11.7-1.el9_4.1 (AXSA:2024-8483:16)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8483:16 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2022-2898:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2898:01 advisory. python-psutil: Double free because of refcount mishandling CVE-2019-18874 python-jinja2: ReDoS vulnerability in the urlize filter CVE-2020-28493...

MiracleLinux 7 : rh-python38 (AXSA:2021-2383:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2383:01 advisory. python-cryptography: Bleichenbacher timing oracle attack against RSA decryption CVE-2020-25659 python: Unsafe use of eval on data retrieved via HTTP...

MiracleLinux 8 : python27:2.7 (AXSA:2021-2829:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2829:01 advisory. python: Unsafe use of eval on data retrieved via HTTP in the test suite CVE-2020-27619 python-jinja2: ReDoS vulnerability in the urlize filter...

MiracleLinux 8 : python3-3.6.8-45.el8.ML.1 (AXSA:2022-3487:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3487:01 advisory. python: ftplib should not use the host from the PASV response CVE-2021-4189 python: urllib: HTTP client possible infinite loop on a 100 Continue...

Debian dla-4445 : idle-python3.9 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4445 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4445-1 [email protected]...

MiracleLinux 9 : python3.9-3.9.14-1.el9.2 (AXSA:2023-5191:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5191:01 advisory. Python: CPU denial of service via inefficient IDNA decoder CVE-2022-45061 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 8 : python27:2.7, scipy-1.0.0-21.module+el8+1607+03a96af2 (AXSA:2023-5943:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5943:01 advisory. Python: CPU denial of service via inefficient IDNA decoder CVE-2022-45061 Tenable has extracted the preceding description block directly from the MiracleLinu...

CVE-2025-56005

An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...

Security update for python-weasyprint (important)

openSUSE Security Update: Security update for python-weasyprint Announcement ID: openSUSE-SU-2026:0026-1 Rating: important References: 1256936 Cross-References: CVE-2025-68616 CVSS scores: CVE-2025-68616 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports...

Security update for python-weasyprint (important)

openSUSE Security Update: Security update for python-weasyprint Announcement ID: openSUSE-SU-2026:0024-1 Rating: important References: 1256936 Cross-References: CVE-2025-68616 CVSS scores: CVE-2025-68616 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports...