Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2024-2985.NASLHistoryMay 28, 2024 - 12:00 a.m.
Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-2985)
2024-05-2800:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
oracle linux 8
mod_wsgi
vulnerabilities
elsa-2024-2985
python39
python39-devel
remote host
security advisory
package
rebuild
core dumped
file upload
fedora
python 3.9
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
AI Score
8.4
Confidence
High
EPSS
0.016
Percentile
87.7%
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2985 advisory.
- Update to 3.5 to fix CVE-2014-0240 (#1101863)
- Fix CVE-2014-1858, CVE-2014-1859: #1062009, #1062359
- Security fix for CVE-2023-27043 Resolves: RHEL-5561
python3x-pip
- Fix for CVE-2022-40897 Resolves: RHEL-9764
- Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates [Orabug: 36143834]
- Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects,
- Security fix for CVE-2021-43818 Resolves: rhbz#2032569
- Security fix for CVE-2021-28957 Resolves: rhbz#1941534
- Fixes CVE-2020-27783 and another vulnerability in the HTML Cleaner
- Security fix for CVE-2023-32681 Resolves: rhbz#2209469
- Remove patch for CVE-2015-2296, now included in the upstream release.
- Backport fix for CVE-2015-2296.
- Security fix for CVE-2023-43804 Resolves: RHEL-11997
- Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser Resolves: rhbz#1968074
Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2024-2985.
##
include('compat.inc');
if (description)
{
script_id(197993);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/09");
script_cve_id(
"CVE-2022-40897",
"CVE-2023-23931",
"CVE-2023-27043",
"CVE-2023-43804"
);
script_xref(name:"IAVA", value:"2023-A-0442");
script_name(english:"Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-2985)");
script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
ELSA-2024-2985 advisory.
- Update to 3.5 to fix CVE-2014-0240 (#1101863)
- Fix CVE-2014-1858, CVE-2014-1859: #1062009, #1062359
- Security fix for CVE-2023-27043
Resolves: RHEL-5561
python3x-pip
- Fix for CVE-2022-40897
Resolves: RHEL-9764
- Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates [Orabug: 36143834]
- Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects,
- Security fix for CVE-2021-43818
Resolves: rhbz#2032569
- Security fix for CVE-2021-28957
Resolves: rhbz#1941534
- Fixes CVE-2020-27783 and another vulnerability in the HTML Cleaner
- Security fix for CVE-2023-32681
Resolves: rhbz#2209469
- Remove patch for CVE-2015-2296, now included in the upstream release.
- Backport fix for CVE-2015-2296.
- Security fix for CVE-2023-43804
Resolves: RHEL-11997
- Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser
Resolves: rhbz#1968074
Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2024-2985.html");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-43804");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/13");
script_set_attribute(attribute:"patch_publication_date", value:"2024/05/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/05/28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:linux:8:10:appstream_base");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:linux:8:9:appstream_base");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:linux:8::appstream");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:linux:8::codeready_builder");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-Cython");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-PyMySQL");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-attrs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-cffi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-chardet");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-cryptography");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-idle");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-idna");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-iniconfig");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-lxml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-mod_wsgi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-more-itertools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-numpy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-numpy-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-numpy-f2py");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-packaging");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pip");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pip-wheel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pluggy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-ply");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-psutil");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-psycopg2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-psycopg2-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-psycopg2-tests");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-py");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pybind11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pybind11-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pycparser");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pyparsing");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pysocks");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pytest");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-pyyaml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-requests");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-rpm-macros");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-scipy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-setuptools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-setuptools-wheel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-six");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-tkinter");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-toml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-urllib3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-wcwidth");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-wheel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python39-wheel-wheel");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Oracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_release = get_kb_item("Host/RedHat/release");
if (isnull(os_release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);
var module_ver = get_kb_item('Host/RedHat/appstream/python39');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python39:3.9');
if ('3.9' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module python39:' + module_ver);
var appstreams = {
'python39:3.9': [
{'reference':'python39-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-Cython-0.29.21-5.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-PyMySQL-0.10.1-2.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-attrs-20.3.0-2.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-cffi-1.14.3-2.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-chardet-3.0.4-19.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-cryptography-3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-debug-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-devel-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-idle-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-idna-2.10-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-iniconfig-1.1.1-2.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-libs-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-lxml-4.6.5-1.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-mod_wsgi-4.7.1-7.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-more-itertools-8.5.0-2.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-numpy-1.19.4-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-numpy-doc-1.19.4-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-numpy-f2py-1.19.4-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-packaging-20.4-4.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pip-20.2.4-9.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pip-wheel-20.2.4-9.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pluggy-0.13.1-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-ply-3.11-10.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psutil-5.8.0-4.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psycopg2-2.8.6-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psycopg2-doc-2.8.6-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psycopg2-tests-2.8.6-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-py-1.10.0-1.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pybind11-2.7.1-1.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pybind11-devel-2.7.1-1.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pycparser-2.20-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pyparsing-2.4.7-5.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pysocks-1.7.1-4.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pytest-6.0.2-2.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pyyaml-5.4.1-1.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-requests-2.25.0-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-rpm-macros-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-scipy-1.5.4-5.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-setuptools-50.3.2-5.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-setuptools-wheel-50.3.2-5.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-six-1.15.0-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-test-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-tkinter-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-toml-0.10.1-5.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-urllib3-1.25.10-5.module+el8.10.0+90269+2fa22b99', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-wcwidth-0.2.5-3.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'python39-wheel-wheel-0.35.1-4.module+el8.9.0+90016+9c2d6573', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'python39-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-Cython-0.29.21-5.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-cffi-1.14.3-2.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-cryptography-3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-debug-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-devel-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-idle-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-libs-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-lxml-4.6.5-1.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-mod_wsgi-4.7.1-7.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-numpy-1.19.4-3.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-numpy-f2py-1.19.4-3.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psutil-5.8.0-4.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psycopg2-2.8.6-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psycopg2-doc-2.8.6-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-psycopg2-tests-2.8.6-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pybind11-2.7.1-1.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pybind11-devel-2.7.1-1.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-pyyaml-5.4.1-1.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-scipy-1.5.4-5.module+el8.9.0+90016+9c2d6573', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-test-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python39-tkinter-3.9.18-3.module+el8.10.0+90269+2fa22b99', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
};
var flag = 0;
var appstreams_found = 0;
foreach var module (keys(appstreams)) {
var appstream = NULL;
var appstream_name = NULL;
var appstream_version = NULL;
var appstream_split = split(module, sep:':', keep:FALSE);
if (!empty_or_null(appstream_split)) {
appstream_name = appstream_split[0];
appstream_version = appstream_split[1];
if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);
}
if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
appstreams_found++;
foreach var package_array ( appstreams[module] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && _release) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
}
if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module python39:3.9');
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python39 / python39-Cython / python39-PyMySQL / etc');
}
Related
oraclelinux
oraclelinux
python39:3.9 and python39-devel:3.9 security update
2024-05-24 00:00:00
python3.11-cryptography security update
2024-01-18 00:00:00
python-cryptography security update
2024-03-20 00:00:00
almalinux
almalinux
Moderate: python39:3.9 and python39-devel:3.9 security update
2024-05-22 00:00:00
Moderate: python3.11-cryptography security update
2024-05-22 00:00:00
rocky
rocky
python39:3.9 and python39-devel:3.9 security update
2024-06-14 13:59:30
python-lxml security update
2021-11-09 08:26:20
osv
osv
Moderate: python39:3.9 and python39-devel:3.9 security update
2024-05-22 00:00:00
Moderate: python39:3.9 and python39-devel:3.9 security update
2024-06-14 13:59:30
python-cryptography vulnerabilities
2023-12-06 15:22:41
redhat
redhat
nessus
nessus
RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2024:2985)
2024-05-23 00:00:00
Rocky Linux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2024:2985)
2024-06-14 00:00:00
openSUSE 15 Security Update : python-lxml (SUSE-SU-2022:3836-1)
2023-01-20 00:00:00
openvas
openvas
openSUSE: Security Advisory for python-lxml (openSUSE-SU-2022:0803-1)
2022-03-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0803-1)
2022-03-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0895-1)
2022-03-18 00:00:00
suse
suse
Security update for python-lxml (moderate)
2022-11-01 00:00:00
Security update for python-lxml (important)
2022-03-10 00:00:00
amazon
amazon
Important: python-lxml
2023-03-17 15:53:00
Low: numpy
2014-03-10 09:40:00
Medium: python-pip
2015-06-11 08:08:00
fedora
fedora
[SECURITY] Fedora 19 Update: numpy-1.7.2-8.fc19
2014-02-22 00:36:33
[SECURITY] Fedora 20 Update: numpy-1.8.0-4.fc20
2014-02-15 07:04:20
[SECURITY] Fedora 21 Update: python-requests-2.5.3-2.fc21
2015-03-29 04:51:40
securityvulns
securityvulns
python-numpy symbolic links vulnerability
2015-04-20 00:00:00
[ MDVSA-2015:077 ] python-numpy
2015-04-20 00:00:00
[USN-2531-1] Requests vulnerability
2015-03-18 00:00:00
mageia
mageia
Updated python-numpy packages fix security vulnerabilities
2014-02-21 22:16:13
Updated python-requests packages fix security vulnerability
2015-03-28 00:12:10
ibm
ibm
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0072
2021-07-28 00:00:00
Moderate Photon OS Security Update - PHSA-2021-4.0-0072
2021-07-29 00:00:00
Important Photon OS Security Update - PHSA-2021-0266
2021-07-12 00:00:00
ubuntu
ubuntu
python-cryptography vulnerabilities
2023-12-06 00:00:00
Requests vulnerability
2015-03-16 00:00:00
lxml vulnerability
2020-12-09 00:00:00
cloudfoundry
cloudfoundry
USN-6539-1: python-cryptography vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
gentoo
gentoo
lxml: Multiple Vulnerabilities
2022-08-10 00:00:00
cryptography: Multiple Vulnerabilities
2024-07-01 00:00:00
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve
github
github
Python Requests Session Fixation
2022-05-13 01:11:23
lxml vulnerable to Cross-Site Scripting
2021-03-22 16:53:53
cvelist
cvelist
CVE-2015-2296
2015-03-18 16:00:00
CVE-2021-33503
2021-06-29 10:55:35
cbl_mariner
cbl_mariner
CVE-2021-33503 affecting package python-urllib3 1.25.9-2
2021-08-11 06:39:25
CVE-2020-27783 affecting package python-lxml 4.2.4-7
2021-08-11 06:39:25
prion
prion
Open redirect
2021-06-29 11:15:00
Cross site scripting
2021-03-21 05:15:00
Session fixation
2015-03-18 16:59:00
redos
redos
ROS-20220125-01
2022-01-25 00:00:00
redhatcve
redhatcve
CVE-2021-33503
2021-06-06 01:54:37
CVE-2023-49083
2023-12-20 11:10:52
alpinelinux
alpinelinux
CVE-2021-28957
2021-03-21 05:15:13
archlinux
archlinux
[ASA-202106-25] python-urllib3: denial of service
2021-06-09 00:00:00
nvd
nvd
CVE-2015-2296
2015-03-18 16:59:03
CVE-2014-1858
2018-01-08 19:29:00
cgr
cgr
CVE-2023-49083 vulnerabilities
2024-05-19 03:07:16
debian
debian
[SECURITY] [DLA 3331-1] python-cryptography security update
2023-02-22 20:00:30
[SECURITY] [DSA 4810-1] lxml security update
2020-12-13 18:19:20
[SECURITY] [DLA 2467-2] lxml regression update
2020-12-18 13:14:42
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
AI Score
8.4
Confidence
High
EPSS
0.016
Percentile
87.7%
Related for ORACLELINUX_ELSA-2024-2985.NASL