resource-agents-aliyun (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package resource-agents-aliyun, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2024-6345 — CVSS 8.8 (high): A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download…
CVE-2021-27291 — CVSS 7.5 (high): In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular…
CVE-2026-30922 — CVSS 7.5 (high): pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the `pyasn1` library is vulnerable to a Denial of Service (DoS) attack caused…
CVE-2025-66471 — CVSS 7.5 (high): urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles…
CVE-2026-21441 — CVSS 7.5 (high): urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by…
CVE-2026-23490 — CVSS 7.5 (high): pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from…
CVE-2021-20270 — CVSS 7.5 (high): An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a…
CVE-2025-66418 — CVSS 7.5 (high): urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the…
CVE-2023-52323 — CVSS 5.9 (medium): PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
CVE-2024-47081 — CVSS 5.3 (medium): Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for…
CVE-2024-37891 — CVSS 4.4 (medium): urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the…
CVE-2023-45803 — CVSS 4.2 (medium): urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect…