USN-7348-1: Python vulnerabilities

🗓️ 12 Mar 2025 14:36:24Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 87 Views

Python vulnerabilities can lead to security issues in specific Ubuntu versions for IP and path handling.

Reporter	Title	Published	Views	Family All 1241
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Rapid Infrastructure Automation	28 May 202514:39	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge v5.1.1 is vulnerable to multiple Operator package issues	2 Apr 202517:43	–	ibm
IBM Security Bulletins	Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to regular expression DoS and command injection due to the python package (CVE-2024-6232, CVE-2024-9287)	23 Jul 202516:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	4 Dec 202410:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	27 Sep 202422:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Iot Component uses axios 1.7.9 and Python-3.8.17 which is vulnerable to CVE-2023-40217, CVE-2024-6232, CVE-2022-40897, CVE-2024-6345, CVE-2023-5752 and CVE-2025-27152	25 Jun 202508:00	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	25 Jun 202513:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues	28 Aug 202521:17	–	ibm
IBM Security Bulletins	Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to several issues due to the Python package (CVE-2024-6232, CVE-2024-7592, CVE-2024-7592)	23 Jul 202513:31	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	16.04	any	idle-python3.5	3.5.2-2ubuntu0~16.04.13+esm16	idle-python3.5_3.5.2-2ubuntu0~16.04.13+esm16_any.deb
Ubuntu	14.04	any	idle-python3.5	3.5.2-2ubuntu0~16.04.4~14.04.1+esm4	idle-python3.5_3.5.2-2ubuntu0~16.04.4~14.04.1+esm4_any.deb
Ubuntu	20.04	any	idle-python3.8	3.8.10-0ubuntu1~20.04.16	idle-python3.8_3.8.10-0ubuntu1~20.04.16_any.deb
Ubuntu	16.04	any	libpython3.5	3.5.2-2ubuntu0~16.04.13+esm16	libpython3.5_3.5.2-2ubuntu0~16.04.13+esm16_any.deb
Ubuntu	14.04	any	libpython3.5	3.5.2-2ubuntu0~16.04.4~14.04.1+esm4	libpython3.5_3.5.2-2ubuntu0~16.04.4~14.04.1+esm4_any.deb
Ubuntu	16.04	any	libpython3.5-dev	3.5.2-2ubuntu0~16.04.13+esm16	libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+esm16_any.deb
Ubuntu	14.04	any	libpython3.5-dev	3.5.2-2ubuntu0~16.04.4~14.04.1+esm4	libpython3.5-dev_3.5.2-2ubuntu0~16.04.4~14.04.1+esm4_any.deb
Ubuntu	16.04	any	libpython3.5-minimal	3.5.2-2ubuntu0~16.04.13+esm16	libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+esm16_any.deb
Ubuntu	14.04	any	libpython3.5-minimal	3.5.2-2ubuntu0~16.04.4~14.04.1+esm4	libpython3.5-minimal_3.5.2-2ubuntu0~16.04.4~14.04.1+esm4_any.deb
Ubuntu	16.04	any	libpython3.5-stdlib	3.5.2-2ubuntu0~16.04.13+esm16	libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+esm16_any.deb

12 Mar 2025 14:36Current

7.5High risk

Vulners AI Score7.5

CVSS 3.17.5 - 7.8

CVSS 46.3

EPSS0.01639

SSVC

python vulnerabilities ubuntu security server-side request forgery virtual environment security ip address parsing