CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N/S:N/AU:N/R:U/RE:L
An update is available for python3.12.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the “python3.12” executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.12-libs package, which should be installed automatically along with python3.12. The remaining parts of the Python standard library are broken out into the python3.12-tkinter and python3.12-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.12-docs package. Packages containing additional libraries for Python are generally named with the “python3.12-” prefix. For the unversioned “python” executable, see manual page “unversioned-python”.
Security Fix(es):
python: incorrect IPv4 and IPv6 private ranges (CVE-2024-4032)
cpython: python: email module doesn’t properly quotes newlines in email headers, allowing header injection (CVE-2024-6923)
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service (CVE-2024-8088)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
rocky | 8 | aarch64 | python3.12 | < 3.12.5-2.el8_10 | python3.12-0:3.12.5-2.el8_10.aarch64.rpm |
rocky | 8 | i686 | python3.12 | < 3.12.5-2.el8_10 | python3.12-0:3.12.5-2.el8_10.i686.rpm |
rocky | 8 | x86_64 | python3.12 | < 3.12.5-2.el8_10 | python3.12-0:3.12.5-2.el8_10.x86_64.rpm |
rocky | 8 | aarch64 | python3.12-debug | < 3.12.5-2.el8_10 | python3.12-debug-0:3.12.5-2.el8_10.aarch64.rpm |
rocky | 8 | i686 | python3.12-debug | < 3.12.5-2.el8_10 | python3.12-debug-0:3.12.5-2.el8_10.i686.rpm |
rocky | 8 | x86_64 | python3.12-debug | < 3.12.5-2.el8_10 | python3.12-debug-0:3.12.5-2.el8_10.x86_64.rpm |
rocky | 8 | aarch64 | python3.12-debuginfo | < 3.12.5-2.el8_10 | python3.12-debuginfo-0:3.12.5-2.el8_10.aarch64.rpm |
rocky | 8 | i686 | python3.12-debuginfo | < 3.12.5-2.el8_10 | python3.12-debuginfo-0:3.12.5-2.el8_10.i686.rpm |
rocky | 8 | x86_64 | python3.12-debuginfo | < 3.12.5-2.el8_10 | python3.12-debuginfo-0:3.12.5-2.el8_10.x86_64.rpm |
rocky | 8 | aarch64 | python3.12-debugsource | < 3.12.5-2.el8_10 | python3.12-debugsource-0:3.12.5-2.el8_10.aarch64.rpm |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N/S:N/AU:N/R:U/RE:L