Threats Tagged 'cve-2024-9287'

Red Hat issued a moderate severity security advisory for python3 version 3.6.8 on Red Hat Enterprise Linux 8. The update addresses two vulnerabilities: CVE-2024-9287, where virtual environment (venv) activation scripts do not quote paths properly, and CVE-2024-11168, involving improper validation of IPv6 and IPvFuture addresses. These issues could potentially lead to security risks if exploited. The advisory provides updated packages to remediate these vulnerabilities.

Red Hat has issued a moderate security advisory for python3.9 version 3.9.21 addressing multiple vulnerabilities. The update fixes issues including unquoted paths in virtual environment activation scripts (CVE-2024-9287) and improper validation of IPv6 and IPvFuture addresses (CVE-2024-11168). These vulnerabilities affect Red Hat Enterprise Linux 9 and related variants. The advisory does not provide a CVSS score but rates the impact as moderate.

Two security vulnerabilities affecting the python3.12 package in Red Hat Enterprise Linux 9 have been addressed. The first vulnerability (CVE-2024-9287) involves virtual environment (venv) activation scripts that do not quote paths properly. The second vulnerability (CVE-2024-12254) concerns unbounded memory buffering in the SelectorSocketTransport.writelines() function. Red Hat has released an update to fix these issues in python3.12 packages for multiple architectures and variants of RHEL 9. The update is rated as important by Red Hat Product Security.

This advisory addresses two security vulnerabilities in Python 3.12 as packaged for Red Hat Enterprise Linux 9.4 Extended Update Support. The first vulnerability (CVE-2024-9287) involves virtual environment (venv) activation scripts that do not properly quote paths, potentially leading to security issues. The second vulnerability (CVE-2024-12254) concerns unbounded memory buffering in the SelectorSocketTransport.writelines() function. Red Hat has released updated python3.12 packages to fix these issues. The update is rated as Important by Red Hat Product Security.

Red Hat has issued a security update for python3.12 addressing two vulnerabilities: CVE-2024-9287, where virtual environment activation scripts do not quote paths, and CVE-2024-12254, involving unbounded memory buffering in SelectorSocketTransport.writelines(). These issues affect Red Hat Enterprise Linux 8 and related products. The update is rated as Important by Red Hat Product Security. No CVSS scores are provided in the advisory. The update is available and should be applied to affected systems.

A security update for python3.11 addresses a vulnerability where virtual environment (venv) activation scripts do not quote paths properly (CVE-2024-9287). This issue affects Red Hat Enterprise Linux 9.4 Extended Update Support and related variants. The vulnerability is rated as moderate in severity by Red Hat Product Security. The update fixes the path quoting issue in venv activation scripts to prevent potential security risks.