EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2026-1141)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a defect in the CPython 'tarfile' module affecting the 'TarFile' extraction and entry enumeration APIs. The tar...

EulerOS Virtualization 2.10.0 : python3 (EulerOS-SA-2026-1192)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a defect in the CPython 'tarfile' module affecting the 'TarFile' extraction and entry enumeration APIs. The tar...

MiracleLinux 8 : python27:2.7 (AXSA:2021-1555:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1555:01 advisory. python: infinite loop in the tarfile module via crafted TAR archive CVE-2019-20907 python-pip: directory traversal in downloadhttpurl function in...

MiracleLinux 8 : python3-3.6.8-31.el8 (AXSA:2021-1204:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1204:01 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: infinite loop in the tarfile module via...

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2026-1057)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There is a defect in the CPython 'tarfile' module affecting the 'TarFile' extraction and entry enumeration APIs. The tar implementation would...

MiracleLinux 8 : python39:3.9 (AXSA:2025-10818:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10818:01 advisory. setuptools: Path Traversal Vulnerability in setuptools PackageIndex CVE-2025-47273 cpython: Cpython infinite loop when parsing a tarfile...

EulerOS Virtualization 2.13.1 : python3 (EulerOS-SA-2025-2628)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2025-2469)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...

RLSA-2025:15010 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

AZL-6825 CVE-2019-20907 affecting package python2 for versions less than 2.7.18-8

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because procpax lacks header validation...