rpm package
suse/python311&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP5
pkg:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-12718 | Med | 5.3 | < 3.11.13-150400.9.60.1 | 3.11.13-150400.9.60.1 | Jun 3, 2025 | Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile. | |
| CVE-2025-4516 | Med | — | < 3.11.13-150400.9.60.1 | 3.11.13-150400.9.60.1 | May 15, 2025 | There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap th |
- affected < 3.11.13-150400.9.60.1fixed 3.11.13-150400.9.60.1
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.
- affected < 3.11.13-150400.9.60.1fixed 3.11.13-150400.9.60.1
There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap th
Page 2 of 2