Medium: nodejs24

Issue Overview: @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric...

MiracleLinux 8 : nodejs:20 (AXSA:2024-8725:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8725:01 advisory. node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import restrictio...

SUSE-SU-2025:02802-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2025-6069: Fixed worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705 - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249 Other fixes: -...

Security update for python311

This update for python311 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. CVE-2025-4435:...