AlmaLinux 8 : python36:3.6 (ALSA-2025:8419)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8419 advisory. python-pymongo: Out-of-bounds read in bson module CVE-2024-5629 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

python311-3.11.12-4.1 on GA media (moderate)

python311-3.11.12-4.1 on GA media Announcement ID: openSUSE-SU-2025:15191-1 Rating: moderate Cross-References: CVE-2025-4516 CVSS scores: CVE-2025-4516 SUSE : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-4516 SUSE : 5.9...

Fedora 41 : python-tornado (2025-db6e9bb7fb)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-db6e9bb7fb advisory. This contains the backported fix for CVE-2024-52804 cookie parsing DoS vuln Tenable has extracted the preceding description block directly from the Fedora...

python312-3.12.10-4.1 on GA media (moderate)

python312-3.12.10-4.1 on GA media Announcement ID: openSUSE-SU-2025:15163-1 Rating: moderate Cross-References: CVE-2025-4516 CVSS scores: CVE-2025-4516 SUSE : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-4516 SUSE : 5.9...

SUSE SLES15 Security Update : python-Django (SUSE-SU-2025:01523-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01523-1 advisory. - CVE-2025-32873: Fixed denial-of-service possibility in striptags bsc1242210 Tenable has extracted the preceding description block directly from the...

Fedora: Security Advisory (FEDORA-2024-9283a3b879)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHSA-2025:7536 Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-h11) security update

Bulletin has no description...

RLSA-2024:4260 Moderate: python-idna security update

The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture HSA Linux kernel driver amdkfd. Security Fixes: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 For more details about the security issues, includi...

[BSA-123] Security Update for python-django

Colin Watson uploaded new packages for python-django which fixed the following security problems: CVE-2025-26699 Potential denial-of-service vulnerability in django.utils.text.wrap. The wrap method and wordwrap template filter were subject to a potential denial-of-service attack when used with ve...

Medium: python

Issue Overview: Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. CVE-2007-4559...

SUSE-SU-2025:0514-1 Security update for python

This update for python fixes the following issues: - CVE-2025-0938: functions urllib.parse.urlsplit and urlparse accept domain names including square brackets bsc1236705...

SUSE-SU-2024:4429-1 Security update for python-grpcio

This update for python-grpcio fixes the following issues: - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919...

[SECURITY] Fedora 41 Update: python3.13-3.13.1-2.fc41

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

Medium: python-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

Medium: python3

Issue Overview: The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which...

SUSE-SU-2024:3810-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: - CVE-2024-49767: Fixed possible resource exhaustion when parsing file data in forms bsc1232449...

Medium: python-dns

Issue Overview: eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred...

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2024:0282-1 Rating: important References: 1229823 1229824 Cross-References: CVE-2024-45230 CVE-2024-45231 CVSS scores: CVE-2024-45230 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-45231 SUSE...

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2024:0272-1 Rating: important References: 1228629 1228630 1228631 1228632 Cross-References: CVE-2024-41989 CVE-2024-41990 CVE-2024-41991 CVE-2024-42005 CVSS scores: CVE-2024-41989 NVD : 7.5...

Security update for python-nltk (important)

openSUSE Security Update: Security update for python-nltk Announcement ID: openSUSE-SU-2024:0221-1 Rating: important References: 1227174 Cross-References: CVE-2024-39705 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...