VIR Vulnerability Intelligence Relay

CVE-2023-43804

medium
Published 2023-12-12 · Modified 2024-05-29
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVSS v2
VIR risk
5.5

Description

Moderate: python39:3.9 and python39-devel:3.9 security update

Predictions

Exploit likelihood
30%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-2985.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2196183

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2171817

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:2985

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-2987.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2257854

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2249755

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2240059

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2158559

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:2987

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-7753.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-0133.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2226586

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:0133

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-0464.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2024-2159.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-2986.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:2986

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2024-0116.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2246840

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2242493

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2024:0116

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2023-43804

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2023-43804.html

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2986

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2985

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2024:2987

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:2159

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2024:0464

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:7753

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
rockylinux rocky8fixed
suse slesaffected
debian debianbookwormfixed1.26.12-1+deb12u1
debian debianbullseyefixed1.26.5-1~exp1+deb11u1
debian debianforkyfixed1.26.17-1
debian debiansidfixed1.26.17-1
debian debiantrixiefixed1.26.17-1

Package impact
EcosystemPackageVulnerableFixed
python PyPIurllib3>=2.0.0,<2.0.62.0.6
python PyPIurllib3<1.26.171.26.17
python PyPIurllib3<01220354d389cd05474713f8c982d05c9b17aafb||<1.26.17644124ecd0b6e417c527191f866daa05a5a2056d

References

Verify integrity in audit chain (admin only). AS-IS.