MiracleLinux 8 : nodejs:10 (AXSA:2021-1501:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1501:01 advisory. libuv: buffer overflow in realpath CVE-2020-8252 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS...

AlmaLinux 8 : python39:3.9 (ALSA-2025:23530)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23530 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 python: Virtual environment venv activation scripts don't...

RockyLinux 8 : python39:3.9 (RLSA-2025:23530)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23530 advisory. python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used CVE-2024-5642 python: Virtual environment venv activation scripts don'...

Important: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

EUVD-2006-0051

Malware in sbrugna...

EUVD-2018-6821

Malware in sbrugna...

EUVD-2020-29122

Malware in sbrugna...

EUVD-2009-1144

Malware in sbrugna...

EUVD-2018-0059

Malware in sbrugna...

EUVD-2021-27188

Malware in sbrugna...

EUVD-2018-3276

Malware in sbrugna...

python3.12 security update

An update is available for python3.12. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

RLSA-2025:10148 Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

RockyLinux 9 : python3.11 (RLSA-2025:10148)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10148 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

RockyLinux 9 : python3.12 (RLSA-2025:10189)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10189 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside extraction...

RLSA-2025:10140 Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Linux Distros Unpatched Vulnerability : CVE-2018-14338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possib...

Arbitrary writes via tarfile realpath overflow

...

python: cpython: Arbitrary writes via tarfile realpath overflow

A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall or TarFile.extract methods with the extraction filter parameter set to "data" or "tar"...

python: cpython: Arbitrary writes via tarfile realpath overflow

A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall or TarFile.extract methods with the extraction filter parameter set to "data" or "tar"...