13 matches found
Oracle Linux 9 : python3.9 (ELSA-2026-18693)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18693 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-167919, RHEL-168161 - Security fix for CVE-2026-4519 Resolves: RHEL-158117 Tenable has...
CLSA-2026-1777660524 python3.11: Fix of CVE-2026-6100
CVE-2026-6100 fix use-after-free in lzma/bz2 decompressor by clearing the dangling nextin pointer after MemoryError so a re-used decompressor cannot read or write through a stale buffer pointer...
CLSA-2026-1777568294 python2: Fix of CVE-2026-6100
CVE-2026-6100: defensively null bzs-nextin on the error path of BZ2Decompdecompress to align with upstream; the UAF window does not exist in Python 2.7 nextin is reassigned at function entry, lzma/gzip are not C extensions...
Oracle Linux 9 : python3.9 (ELSA-2026-10949)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10949 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-168157, RHEL-167915 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 Tenable...
Oracle Linux 9 : python3.11 (ELSA-2026-10774)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10774 advisory. 3.11.13-5.3.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167913,...
Oracle Linux 9 : python3.12 (ELSA-2026-10745)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10745 advisory. - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-168156, RHEL-167914 - Security fix for CVE-2026-4519 Resolves: RHEL-158051 Tenable ha...
python3.11 security update
3.11.13-7.0.1 - Update rpm-macros description Orabug: 36024572 3.11.13-7 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-168129, RHEL-167891...
python3.11 security update
3.11.13-5.3.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167913, RHEL-168155...
Fedora 45 : python3.14 (2026-382df0cfce)
The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-382df0cfce advisory. Automatic update for python3.14-3.14.4-2.fc45. Changelog Thu Apr 16 2026 Charalampos Stratakis - 3.14.4-2 - Security fixes for CVE-2026-1502,...
[SECURITY] [DLA 4532-1] python3.9 regression and security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4532-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout April 15, 2026 https://wiki.debian.org/LTS -...
BELL-CVE-2026-6100
Bulletin has no description...
DEBIAN-CVE-2026-6100
Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling...
Linux Distros Unpatched Vulnerability : CVE-2026-6100
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the...