MiracleLinux 7 : python-idna-2.4-1.0.1.el7.AXS7 (AXSA:2025-11498:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11498:01 advisory. CVE-2024-3651: more efficient resolution of joiner contexts in idna library to avoid quadratic complexity that leads to a DoS condition CVEs: CVE-2024-3651 ...

MiracleLinux 9 : python3.12-3.12.9-1.el9_6.1 (AXSA:2025-10625:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10625:08 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

MiracleLinux 9 : python3.12-cryptography-41.0.7-2.el9_6.1 (AXSA:2025-10844:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10844:02 advisory. python-cryptography: NULL pointer dereference with pkcs12.serializekeyandcertificates when called with a non-matching certificate and private key and an...

MiracleLinux 8 : python39:3.9 (AXSA:2025-9939:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9939:01 advisory. modwsgi: Trusted Proxy Headers Removing Bypass CVE-2022-2255 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : python-requests-2.25.1-10.el9_6 (AXSA:2025-10695:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10695:03 advisory. requests: Requests vulnerable to .netrc credentials leak via malicious URLs CVE-2024-47081 Tenable has extracted the preceding description block directly fr...

MiracleLinux 8 : python3.12-3.12.11-1.el8_10 (AXSA:2025-10429:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10429:06 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

MiracleLinux 8 : python3.12-setuptools-68.2.2-5.el8_10 (AXSA:2025-10501:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10501:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : python3.9-3.9.21-2.el9_6.2 (AXSA:2025-10822:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10822:03 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python3.11-3.11.13-2.el8_10 (AXSA:2025-10802:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10802:08 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python39:3.9 (AXSA:2025-10818:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10818:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 cpython: Cpython infinite loop when parsing a tarfile...

MiracleLinux 9 : python3.12-3.12.9-1.el9_6.2 (AXSA:2025-10825:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10825:11 advisory. cpython: Cpython infinite loop when parsing a tarfile CVE-2025-8194 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : python-jinja2-2.10.1-6.el8_10 (AXSA:2025-9599:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9599:02 advisory. jinja2: Jinja has a sandbox breakout through indirect reference to format method CVE-2024-56326 Tenable has extracted the preceding description block directl...

MiracleLinux 9 : python-jinja2-2.11.3-7.el9_5 (AXSA:2025-9579:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9579:01 advisory. jinja2: Jinja has a sandbox breakout through indirect reference to format method CVE-2024-56326 Tenable has extracted the preceding description block directl...

MiracleLinux 7 : python-jinja2-2.7.2-4.0.1.el7.AXS7 (AXSA:2025-11572:05)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11572:05 advisory. CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template CVEs: CVE-2024-56326 Jinja is an extensible...

MiracleLinux 9 : python3.9-3.9.25-2.el9_7 (AXSA:2025-11589:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11589:05 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 cpython: Python HTMLParser quadratic complexity...

MiracleLinux 8 : python39:3.9 (AXSA:2025-11636:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11636:01 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 python: Virtual environment venv activation scripts...

MiracleLinux 9 : lasso-2.7.0-11.el9.3 (AXSA:2025-11104:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11104:02 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the MiracleLinux security...

3m (>=0.1.0 <=0.1.3), aap-llamaindex (>=0.1.1.dev1 <=0.2.0) +347 more potentially affected by CVE-2024-14021 via llama-index (>=0.10.0 <=0.9.48)

llama-index PYPI version =0.10.0, =0.1.0, =0.1.1.dev1, =0.1.8, =0.0.2, =1.4.3, =0.1.0a0.dev0, =0.2.0a0, =0.1.0, =0.1.0a1, =0.0.1, =1.1.0, =3.0.0, =3.1.14 and more Source cves: CVE-2024-14021 Source advisory: SNYK:PYTHON-LLAMAINDEX-14917171...

3m (>=0.1.0 <=0.1.3), aap-llamaindex (>=0.1.1.dev1 <=0.2.0) +347 more potentially affected by CVE-2024-58339 via llama-index (>=0.10.0 <=0.9.48)

llama-index PYPI version =0.10.0, =0.1.0, =0.1.1.dev1, =0.1.8, =0.0.2, =1.4.3, =0.1.0a0.dev0, =0.2.0a0, =0.1.0, =0.1.0a1, =0.0.1, =1.1.0, =3.0.0, =3.1.14 and more Source cves: CVE-2024-58339 Source advisory: SNYK:PYTHON-LLAMAINDEX-14917160...

MAL-2026-237 Malicious code in formater (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71f6a751b5ff98dceeee5863086a2d9988640b93d96ccef9d50fb0d0d1dd116c During importing the package automatically downloads a script that uses a Telegram bot to perform remote control over the computer --- Category: MALICIOUS - Th...