EulerOS 2.0 SP11 : python3 (EulerOS-SA-2026-1616)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The 'zipfile' module would not check the validity of the ZIP64 End ofCentral Directory EOCD Locator record offset value would not be used to loca...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2026-1588)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The 'zipfile' module would not check the validity of the ZIP64 End ofCentral Directory EOCD Locator record offset value would not be used to loca...

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2026-1407)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic...

Security update for python

This update for python fixes the following issues: CVE-2025-8291: check validity of the ZIP64 End of Central Directory EOCD in the 'zipfile' module bsc1251305. CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. CVE-2025-13836: prevent reading an HTTP response from a...

SUSE SLES15 Security Update : python311 (SUSE-SU-2025:4257-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4257-2 advisory. Update to 3.11.14: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 -...

SUSE-SU-2025:4352-1 Security update for python310

This update for python310 fixes the following issues: Update to 3.10.19: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars. bsc1252974 - CVE-2025-8291: Check the validity the ZIP64 End of Central Directory EOCD. bsc1251305...

openSUSE Security Advisory (SUSE-SU-2025:4313-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2025:4313-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4313-1 advisory. - CVE-2025-8291: Check the validity the ZIP64 End of Central Directory EOCD. bsc1251305 Tenable has extracted the preceding description...

USN-7886-2 python3.13 vulnerabilities

USN-7886-1 fixed vulnerabilities in Python. This update provides the corresponding updates for python3.13 in Ubuntu 25.04 and Ubuntu 25.10. Original advisory details: It was discovered that Python inefficiently handled expanding system environment variables. An attacker could possibly use this...

SUSE-SU-2025:4221-1 Security update for python39

This update for python39 fixes the following issues: Updated to 3.9.24: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305...

Amazon Linux 2023 : python3.13, python3.13-devel, python3.13-freethreading (ALAS2023-2025-1235)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1235 advisory. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record...

Python 'zipfile' Module Vulnerability (Oct 2025) - Linux

Python is prone to a vulnerability in the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

Python 'zipfile' Module Vulnerability (Oct 2025) - Mac OS X

Python is prone to a vulnerability in the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

CVE-2025-8291

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...