vulnerability
Alma Linux: CVE-2024-5642: Moderate: python3.9 security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:N/A:P) | Dec 17, 2025 | Dec 23, 2025 | Dec 24, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:P)
Published
Dec 17, 2025
Added
Dec 23, 2025
Modified
Dec 24, 2025
Description
CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured).
Solutions
alma-upgrade-python-unversioned-commandalma-upgrade-python3alma-upgrade-python3-debugalma-upgrade-python3-develalma-upgrade-python3-idlealma-upgrade-python3-libsalma-upgrade-python3-testalma-upgrade-python3-tkinteralma-upgrade-python39alma-upgrade-python39-attrsalma-upgrade-python39-cffialma-upgrade-python39-chardetalma-upgrade-python39-cryptographyalma-upgrade-python39-cythonalma-upgrade-python39-debugalma-upgrade-python39-develalma-upgrade-python39-idlealma-upgrade-python39-idnaalma-upgrade-python39-iniconfigalma-upgrade-python39-libsalma-upgrade-python39-lxmlalma-upgrade-python39-mod_wsgialma-upgrade-python39-more-itertoolsalma-upgrade-python39-numpyalma-upgrade-python39-numpy-docalma-upgrade-python39-numpy-f2pyalma-upgrade-python39-packagingalma-upgrade-python39-pipalma-upgrade-python39-pip-wheelalma-upgrade-python39-pluggyalma-upgrade-python39-plyalma-upgrade-python39-psutilalma-upgrade-python39-psycopg2alma-upgrade-python39-psycopg2-docalma-upgrade-python39-psycopg2-testsalma-upgrade-python39-pyalma-upgrade-python39-pybind11alma-upgrade-python39-pybind11-develalma-upgrade-python39-pycparseralma-upgrade-python39-pymysqlalma-upgrade-python39-pyparsingalma-upgrade-python39-pysocksalma-upgrade-python39-pytestalma-upgrade-python39-pyyamlalma-upgrade-python39-requestsalma-upgrade-python39-rpm-macrosalma-upgrade-python39-scipyalma-upgrade-python39-setuptoolsalma-upgrade-python39-setuptools-wheelalma-upgrade-python39-sixalma-upgrade-python39-testalma-upgrade-python39-tkinteralma-upgrade-python39-tomlalma-upgrade-python39-urllib3alma-upgrade-python39-wcwidthalma-upgrade-python39-wheelalma-upgrade-python39-wheel-wheel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.