fence-agents-mpath (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package fence-agents-mpath, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (15)
CVE-2024-6345 — CVSS 8.8 (high): A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download…
CVE-2026-32597 — CVSS 7.5 (high): PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined…
CVE-2025-66418 — CVSS 7.5 (high): urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the…
CVE-2025-66471 — CVSS 7.5 (high): urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles…
CVE-2026-21441 — CVSS 7.5 (high): urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by…
CVE-2026-23490 — CVSS 7.5 (high): pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from…
CVE-2026-30922 — CVSS 7.5 (high): pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the `pyasn1` library is vulnerable to a Denial of Service (DoS) attack caused…
CVE-2023-37920 — CVSS 7.5 (high): Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of…
CVE-2026-26007 — CVSS 6.5 (medium): cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the…
CVE-2023-43804 — CVSS 5.9 (medium): urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers…
CVE-2023-52323 — CVSS 5.9 (medium): PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
CVE-2024-22195 — CVSS 5.4 (medium): Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible…
CVE-2024-47081 — CVSS 5.3 (medium): Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for…
CVE-2024-37891 — CVSS 4.4 (medium): urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the…
CVE-2023-45803 — CVSS 4.2 (medium): urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect…