MiracleLinux 9 : python-jinja2-2.11.3-8.el9_5 (AXSA:2025-9829:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9829:04 advisory. jinja2: Jinja sandbox breakout through attr filter selecting format method CVE-2025-27516 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : python-requests-2.25.1-9.el9 (AXSA:2025-10115:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10115:02 advisory. requests: subsequent requests to the same host ignore cert verification CVE-2024-35195 Tenable has extracted the preceding description block directly from t...

MiracleLinux 9 : python3.11-3.11.11-2.el9_6.1 (AXSA:2025-10624:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10624:06 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

MiracleLinux 8 : python3.12-3.12.11-1.el8_10 (AXSA:2025-10429:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10429:06 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

MiracleLinux 9 : python-requests-2.25.1-10.el9_6 (AXSA:2025-10695:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10695:03 advisory. requests: Requests vulnerable to .netrc credentials leak via malicious URLs CVE-2024-47081 Tenable has extracted the preceding description block directly fr...

MiracleLinux 7 : libxml2-2.9.1-6.6.0.3.el7.AXS7 (AXSA:2025-9971:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9971:06 advisory. CVE-2025-32414: fix out-of-bounds memory access CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables CVEs: CVE-2025-32414 In libxm...

MiracleLinux 9 : lasso-2.7.0-11.el9.3 (AXSA:2025-11104:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11104:02 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : idm:DL1 (AXSA:2025-11169:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11169:01 advisory. python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remote DoS via unbounded TCP upstream buffering...

MiracleLinux 9 : python3.9-3.9.21-2.el9 (AXSA:2025-10382:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10382:01 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : python-jinja2-2.7.2-4.0.1.el7.AXS7 (AXSA:2025-11572:05)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11572:05 advisory. CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template CVEs: CVE-2024-56326 Jinja is an extensible...

MiracleLinux 9 : python3.11-3.11.9-7.el9_5.3 (AXSA:2025-9841:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9841:01 advisory. cpython: python: Uncontrolled CPU resource consumption when in http.cookies module CVE-2024-7592 Tenable has extracted the preceding description block direct...

MiracleLinux 9 : python3.12-setuptools-68.2.2-5.el9_6 (AXSA:2025-10714:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10714:02 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : python-cryptography-36.0.1-5.el9_6 (AXSA:2025-10863:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10863:02 advisory. python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python3.11-3.11.13-1.el8_10 (AXSA:2025-10428:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10428:04 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

MiracleLinux 9 : python3.12-3.12.5-2.el9_5.3 (AXSA:2025-9842:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9842:01 advisory. cpython: python: Uncontrolled CPU resource consumption when in http.cookies module CVE-2024-7592 Tenable has extracted the preceding description block direct...

MiracleLinux 8 : python3.11-setuptools-65.5.1-4.el8_10 (AXSA:2025-10503:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10503:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : python-tornado-6.4.2-2.el9_6.2 (AXSA:2025-10491:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10491:02 advisory. tornado: Tornado Multipart Form-Data Denial of Service CVE-2025-47287 Tenable has extracted the preceding description block directly from the MiracleLinux...

PT-2026-2765

Name of the Vulnerable Software and Affected Versions Azure Core shared client library for Python affected versions not specified Description The deserialization of untrusted data in the Azure Core shared client library for Python allows an authorized attacker to execute code over a network. This...

GuardDog 路径遍历漏洞

GuardDog is a CLI tool in GuardDog open source that allows identifying malicious PyPI packages. A path traversal vulnerability exists in GuardDog versions prior to 2.7.1, which stems from the presence of path traversal in the safeextract function, which could lead to arbitrary file overwriting an...

MiracleLinux 8 : python39:3.9 (AXSA:2025-9939:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9939:01 advisory. modwsgi: Trusted Proxy Headers Removing Bypass CVE-2022-2255 Tenable has extracted the preceding description block directly from the MiracleLinux security...