English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.856346
Category:openSUSE Local Security Checks
Title:openSUSE Security Advisory (SUSE-SU-2024:1862-1)
Summary:The remote host is missing an update for the 'python' package(s) announced via the SUSE-SU-2024:1862-1 advisory.
Description:Summary:
The remote host is missing an update for the 'python' package(s) announced via the SUSE-SU-2024:1862-1 advisory.

Vulnerability Insight:
This update for python fixes the following issues:

- CVE-2023-52425: Fixed using the system libexpat (bsc#1219559).
- CVE-2023-27043: Modifed fix for unicode string handling in email.utils.parseaddr() (bsc#1222537).
- CVE-2022-48560: Fixed use-after-free in Python via heappushpop in heapq (bsc#1214675).
- CVE-2024-0450: Detect the vulnerability of the 'quoted-overlap' zipbomb (bsc#1221854).

Bug fixes:

- Switch off tests. ONLY FOR FACTORY!!! (bsc#1219306).
- Build with -std=gnu89 to build correctly with gcc14 (bsc#1220970).
- Switch from %patchN style to the %patch -P N one.

Affected Software/OS:
'python' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2022-48560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/
https://bugs.python.org/issue39421
https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html
Common Vulnerability Exposure (CVE) ID: CVE-2023-27043
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/
http://python.org
https://github.com/python/cpython/issues/102988
Common Vulnerability Exposure (CVE) ID: CVE-2023-52425
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/
https://github.com/libexpat/libexpat/pull/789
https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html
http://www.openwall.com/lists/oss-security/2024/03/20/5
Common Vulnerability Exposure (CVE) ID: CVE-2024-0450
https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85
https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba
https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675
https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51
https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549
https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183
https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b
https://github.com/python/cpython/issues/109858
https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html
https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/
https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/
https://www.bamsoftware.com/hacks/zipbomb/
CopyrightCopyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.