Astra Linux - уязвимость в python3.7

A issue was discovered in the CPython tempfile.TemporaryDirectory class, affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, 3.8.18, and earlier versions. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means that users who can...

MiracleLinux 8 : python3-3.6.8-62.el8.ML.1 (AXSA:2024-8353:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8353:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

MiracleLinux 7 : python3-3.6.8-21.0.1.el7.AXS7 (AXSA:2024-8626:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8626:04 advisory. CVE-2023-6597: prevent tempfile.TemporaryDirectory class dereference symlinks CVEs: CVE-2023-6597 Tenable has extracted the preceding description block...

Linux Distros Unpatched Vulnerability : CVE-2023-6597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The...

CLSA-2025-1740645307 Fix CVE(s): CVE-2023-6597

SECURITY UPDATE: Ability to modify permissions with privileged programs - debian/patches/CVE-2023-6597.patch: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2023-6597...

CLSA-2025-1740479778 python3.11: Fix of CVE-2023-6597

CVE-2023-6597: fix symlink dereferencing in TemporaryDirectory cleanup process...

BIT-PYTHON-MIN-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

BIT-PYTHON-2023-6597

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10)

The version of AOS installed on the remote host is prior to 6.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10 advisory. - squashfsopendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. ...

OESA-2024-2193 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

OESA-2024-2191 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

OESA-2024-2190 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

python: Path traversal on tempfile.TemporaryDirectory

A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...

EulerOS Virtualization 2.11.0 : python3 (EulerOS-SA-2024-2198)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18...

ROS-20240709-02

Vulnerability in the tempfile.TemporaryDirectory component of the Python programming language interpreter CPython is related to dereferencing symbolic links while clearing permission-related errors. Exploitation of the vulnerability could allow an attacker to increase their privileges...

CLSA-2024-1720548714 python3: Fix of CVE-2023-6597

CVE-2023-6597: prevent tempfile.TemporaryDirectory class dereference symlinks...

CLSA-2024-1720548691 python3: Fix of 2 CVEs

CVE-2023-6597: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2024-0450: Make zipfile module reject zip archives which overlap entries in the archive. Prevent “quoted-overlap” zip-bombs exploit...

CLSA-2024-1720547879 python3.9: Fix of CVE-2023-6597

CVE-2023-6597: prevent tempfile.TemporaryDirectory class dereference symlinks - Fix expat regression tests for xmletree...

CLSA-2024-1720178532 python3: Fix of 2 CVEs

CVE-2023-6597: Prevent tempfile.TemporaryDirectory class dereference symlinks - CVE-2024-0450: Make zipfile module reject zip archives which overlap entries in the archive. Prevent “quoted-overlap” zip-bombs exploit...

An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1 3.11.7 3.10.13 3.9.18 and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.

...