Red Hat Security Advisory 2023-6885-01 - An update for python is now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
73907e36e7bfd30d9c846ffc48be5d485f187642ae721c967bb4557a04f44a41
Red Hat Security Advisory 2023-6793-01 - An update for rh-python38-python is now available for Red Hat Software Collections. Issues addressed include bypass, denial of service, and traversal vulnerabilities.
f0f08cb3f3c4209c1d7481c125ba32ca7c6e8c583f668e920f22fa6acdeb8b3b
Red Hat Security Advisory 2023-6712-01 - An update for python-wheel is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
6f09d58e67c37a819156dc4d2138a76a7b961164caa0ae2b6e262dcaa2d2c14d
Red Hat Security Advisory 2023-6694-01 - An update for python-pip is now available for Red Hat Enterprise Linux 9. Issues addressed include a traversal vulnerability.
304f36b2ae0d72cd1e434b7f8b3c90b47ff802cad909c070b8dc41b64b7b2b16
Red Hat Security Advisory 2023-6615-01 - An update for python-cryptography is now available for Red Hat Enterprise Linux 9.
b838e09d860a9b353ad251a959176b6ab69b1300a1af329169931845236c1d27
Red Hat Security Advisory 2023-6523-01 - An update for python-tornado is now available for Red Hat Enterprise Linux 9. Issues addressed include an open redirection vulnerability.
8609d5bfa92c8cd4ec4be435b40ea0824c2c07a35ab341a51cc56163dc8ea88a
Red Hat Security Advisory 2023-6290-01 - An update for python is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addressed include a bypass vulnerability.
cd2a326770e59111ee1a401f38207606c73e2d9e7b29ea7eb7e4ff7dcfcbc0b7
Red Hat Security Advisory 2023-5969-01 - An update for collectd-libpod-stats, etcd, and python-octavia-tests-tempest is now available for Red Hat OpenStack Platform 17.1.1. Issues addressed include a denial of service vulnerability.
2a6846f7c835b7440e8384fb112271bd4be75879f8d6c3d8c2c64d6e912f0916
Red Hat Security Advisory 2023-5790-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
2aba26472dc75efcb7e9b94efe64b337a5c0342b54d7355cae925209cd0b60d9
Red Hat Security Advisory 2023-5789-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
753246f6be0009ce22f52d57d564e61fc96345dcf8fcb6a7b7cdccb99a41cb25
Red Hat Security Advisory 2023-5788-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
cab516b2d9db442bef3789039f046f415ddabae334ee753525328ba8808f7ea3
Red Hat Security Advisory 2023-5787-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
150cb2d97aa150d7600c698aa16d2861291855ee5cd3481d426131773eac6284
Red Hat Security Advisory 2023-5786-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
0d5f0aa99be04ced55b2baea204c358506a55b7b9428fa5fba74940fa51837c8
Ubuntu Security Notice 6394-2 - USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
d38a75206389008d3e1ad14a50564e60d915ccb7b901100a133baef1458072fe
Apache Superset versions 2.0.0 and below utilize Flask with a known default secret key which is used to sign HTTP cookies. These cookies can therefore be forged. If a user is able to login to the site, they can decode the cookie, set their user_id to that of an administrator, and re-sign the cookie. This valid cookie can then be used to login as the targeted user. From there the Superset database is mounted, and credentials are pulled. A dashboard is then created. Lastly a pickled python payload can be set for that dashboard within Superset's database which will trigger the remote code execution. An attempt to clean up ALL of the dashboard key values and reset them to their previous values happens during the cleanup phase.
0cf3211c0a88b94f22c56bd68535a69b15419a4e9c97ce50b1d180e75e44b6be
Red Hat Security Advisory 2023-5616-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
2dd35d1d563fa4f4686f2465d398d4434e278f814a90ce88a33008b776002409
Red Hat Security Advisory 2023-5528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a7809e9736bc296be97737d0134acf6fa48d78add499ff1793c34d58165a458a
Red Hat Security Advisory 2023-5531-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
a3ac08590b81392419d53e56814ac2bc5993d0b96b4d0fc7fbc90e5d72562f06
Red Hat Security Advisory 2023-5472-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
9c1907fc55798106e0bd3a59d0c393769c3b9106a4a9363b9744bc3077648583
Red Hat Security Advisory 2023-5456-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
f09181b9b7be43158cca59a700da7461f491ae25644238faaf8b1279d3ca31f1
Red Hat Security Advisory 2023-5462-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
313f06d9ee1fe6f102aed74238c4b3de0da9f76aea3b0cec8d71f5838548559b
Red Hat Security Advisory 2023-5463-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a bypass vulnerability.
952e2fc910e9d17614ddee9613f6122dd79884b41702c86e0566f6059e098cc8
Ubuntu Security Notice 6400-1 - It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information.
78f05f302971fdd61c41b154c5089eddceaa4838a9b6ffba2b409c27fe5f9ad4
Ubuntu Security Notice 6394-1 - It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
5e2657b51ce71bc1d6b8b0ec757dad995dd0b33e1ab6d102daa7f5cf3f0ac2b4
Packers and Movers Management System version 1.0 suffers from a remote blind SQL injection vulnerability. Proof of concept exploit written in python included.
392e218592b7d81bc0c0a1e2e699e9fe38ca587052d6e6393e97b66c59ab44ea