Upgrade RHEL:7 kernel-rt-trace-kvm to version 0:3.10.0-693.rt56.617.el7 or higher. This issue was patched in RHSA-2017:2077 .

python-nose-docs vulnerabilities

Known vulnerabilities in the python-nose-docs package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Arbitrary Command Injection	<0:1.3.7-31.module+el8.10.0+90473+c30184f9
M Cross-site Scripting (XSS)	<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec
M XML External Entity (XXE) Injection	<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec
M Use After Free	<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec
M Inefficient Regular Expression Complexity	<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec
M CVE-2023-43804	<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec
M Information Exposure	<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec
H CVE-2023-40217	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
H Improper Input Validation	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Algorithmic Complexity	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Arbitrary Command Injection	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Unchecked Return Value	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Arbitrary Code Injection	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Arbitrary Code Injection	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Resource Exhaustion	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M CVE-2021-20095	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Resource Exhaustion	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Inefficient Regular Expression Complexity	<0:1.3.7-31.module+el8.5.0+20329+5c5719bc
M Cross-site Scripting (XSS)	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Directory Traversal	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Resource Exhaustion	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M HTTP Request Smuggling	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
H Buffer Overflow	<0:1.3.7-30.module+el8.3.0+7833+4aaf98ce
M Cross-site Scripting (XSS)	<0:1.3.7-30.module+el8.3.0+7833+4aaf98ce
M CVE-2020-27619	<0:1.3.7-31.module+el8.5.0+20361+8a9d3d27
M Arbitrary Code Injection	<0:1.3.7-30.module+el8.3.0+7833+4aaf98ce
M Arbitrary Code Injection	<0:1.3.7-30.module+el8.3.0+7833+4aaf98ce
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.3.7-30.module+el8.3.0+7833+4aaf98ce
M Directory Traversal	<0:1.3.7-30.module+el8.3.0+7833+4aaf98ce
M CVE-2019-16056	<0:1.3.7-30.module+el8.2.0+5577+bb63ba72
M Improper Input Validation	<0:1.3.7-30.module+el8.2.0+5577+bb63ba72
M Improper Certificate Validation	<0:1.3.7-30.module+el8.2.0+5577+bb63ba72
M Deserialization of Untrusted Data	<0:1.3.7-30.module+el8.1.0+5396+a4103ad2
M CVE-2018-20060	<0:1.3.7-30.module+el8.2.0+5577+bb63ba72
M CRLF Injection	<0:1.3.7-30.module+el8.2.0+5577+bb63ba72
M Insufficiently Protected Credentials	<0:1.3.7-30.module+el8.2.0+5577+bb63ba72
M CRLF Injection	<0:1.3.7-30.module+el8.1.0+5396+a4103ad2
M Directory Traversal	<0:1.3.7-30.module+el8.1.0+5396+a4103ad2
M CRLF Injection	<0:1.3.7-30.module+el8.1.0+5396+a4103ad2
H SQL Injection	<0:1.3.7-30.module+el8.0.0+5233+93973c75
H SQL Injection	<0:1.3.7-30.module+el8.0.0+5233+93973c75
H CVE-2019-9636	<0:1.3.7-30.module+el8.0.0+5233+93973c75

Vulnerability

Vulnerable Version

Arbitrary Command Injection

<0:1.3.7-31.module+el8.10.0+90473+c30184f9

Cross-site Scripting (XSS)

<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec

XML External Entity (XXE) Injection

<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec

Use After Free

<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec

Inefficient Regular Expression Complexity

<0:1.3.7-31.module+el8.9.0+90013+b7cb8eec