Msrc Cbl2 Python3 3.9.19-11 On Cbl Mariner 2.0 vulnerabilities

CVE-2024-9287 [MEDIUM] CWE-428 Virtual environment (venv) activation scripts don't quote paths Virtual environment (venv) activation scripts don't quote paths FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libra

CVE-2022-40897 [MEDIUM] CWE-1333 Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. FAQ: Is Azure Lin