Python Package Enumeration - Detection Updates
Summary
Tenable has updated the Python package enumeration plugins to reduce false positives and to better identify vulnerabilities when multiple packages are present on the scan target.
Change
Before this update, the Python package enumeration plugins did not attempt to associate detected packages with an RPM or DEB package managed by the Linux distribution. This would cause some packages to report vulnerabilities based on both a Linux distribution vendor’s advisory and a CVE advisory from the Python package maintainer.
In addition, some Python packages present through symbolic links (“symlinks”) on a scan target’s filesystem would report as separate files, instead of a single actual file.
Finally, some vulnerability plugins did not correctly report when multiple vulnerable Python packages were present on a scan target.
After this update, these issues have been addressed. Vulnerable Python packages on Linux assets will be assessed to determine if they are managed by a Linux distribution’s package manager, and if so, will be marked as “Managed” and will not report a vulnerability, unless the Show potential false alarms setting is enabled for the scan.
Vulnerable Python packages detected will be assessed to determine if they are files or symlinks, and only the actual file will be reported. However, if multiple actual files are present, vulnerability detection plugins will correctly report all instances.
Impact
Most customers will notice a reduction in the volume of Python package vulnerabilities reported. Some scan results may show an increase in detected vulnerabilities if multiple independent installs of a Python package are present on a scan target, but this is much less likely.
Detection plugins
181215 Python Installed Packages (Windows)
164122 Python Installed Packages (Linux/UNIX)
186173 Apache Superset Installed (Linux / Unix)
196906 AI/LLM Software Report
171433 Apache Airflow Installed (Linux / Unix)
201192 Horovod Detection
198067 Intel Neural Compressor Library Detection
201189 Keras Detection
201190 NumPy Detection
205587 H2O Detection
205584 LangChain Detection
205585 LLama.cpp Python Bindings Detection
206880 MLflow Detection
205586 OpenAi Detection
214312 AWS RedShift Python Connector Detection
205590 Seaborn Detection
205589 Tensorboard Detection
205588 Theano Detection
237200 Tornado Detection
206027 ZenML Detection
200977 PyTorch Detection
201193 Ray Dashboard Detection
201191 Scikit-learn Detection
195192 TensorFlow Detection
195203 Microsoft Azure Command-Line Interface (CLI) Installed (Linux)
208299 DeepSpeed Detection
208127 AIM Detection
208134 BentoML Detection
208126 Google AI Platform (VertexAI SDK) Detection
213710 Gradio Detection
208129 H2O-3 Detection
208135 H2OGPT Detection
208137 Kedro Detection
241433 Model Context Protocol (MCP) Detection
208131 MLRun Detection
208132 Neptune AI SDK Detection
208140 Ollama Detection
208136 Prefect Detection
208139 PySpark Detection
208138 Microsoft RD-Agent Detection
208141 Tensorflow-hub Detection
208130 NVIDIA TensorRT Detection
208133 Weights & Biases Detection
208128 Weights & Biases Weave Detection
Vulnerability plugins
210056 NumPy 1.9.x < 1.21.0 Buffer Overflow
210055 NumPy < 1.22.0 Vulnerability - CVE-2021-34141
210057 NumPy < 1.22.2 Null Pointer Dereference
210054 NumPy < 1.19 DoS
213084 Pandas DataFrame.query Code Injection (Unpatched)
211464 torchgeo Python Library < 0.6.1 RCE
192941 Dnspython < 2.6.0rc1 DoS
193912 aioHTTP < 3.9.4 XSS
211644 aioHTTP 3.10.6 < 3.10.11 Memory Leak
211645 aioHTTP < 3.10.11 Request Smuggling
206721 Jupyterlab Python Library < 3.6.8 / 4.0 < 4.2.5 (CVE-2024-43805)
206977 LangChain Experimental Python Library <= 0.0.14 (CVE-2023-44467)
206722 Jupyter Notebook Python Library 7.0.0 < 7.2.2 (CVE-2024-43805)
212710 Pdoc Python Library <= 14.5.1 (CVE-2024-38526)
187972 PyCryptodome < 3.19.1 Side Channel Leak
193202 PyMongo < 4.6.3 Out-of-bounds Read
213287 python-libarchive Python Library <= 4.2.1 Directory Traversal (CVE-2024-55587)
204790 Python Library Certifi < 2024.07.04 Untrusted Root Certificate
206676 Python Library Django 4.2.x < 4.2.16 / 5.0.x < 5.0.9 / 5.1.x < 5.1.1 Multiple Vulnerabilities
214945 Python Library Django 4.2.x < 4.2.18 / 5.0.x < 5.0.11 / 5.1.x < 5.1.5 DoS
237889 Python Library Django 4.2.x < 4.2.22 / 5.1.x < 5.1.10 / 5.2.x < 5.2.2 Log Injection
194476 SAP BTP Python Library sap-xssec < 4.1.0 Privilege Escalation
200807 urllib3 Python Library < 1.26.19, < 2.2.2 (CVE-2024-37891)
242322 aioHTTP < 3.12.14 Request Smuggling (CVE-2025-53643)
234572 Microsoft Azure Promptflow Python Library promptflow-core < 1.17.2 RCE
234573 Microsoft Azure Promptflow Python Library promptflow-tools < 1.6.0 RCE
241329 Python Library Pillow 11.2.x < 11.3.0 Write Buffer Overflow
Target Release Date
November 10, 2025
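The triage logic described under Change, as an added sketch that is not part of the original post and is not Tenable's plugin code: symlinked metadata directories collapse to the real one, copies owned by the distribution's package manager are flagged as managed, and every independent unmanaged copy is kept. The function names, the `*.dist-info` discovery and the `dpkg-query -S` / `rpm -qf` ownership lookup are assumptions for illustration; the sample tree is constructed.

```python
import os, shutil, subprocess, tempfile
from pathlib import Path

def os_owner(path):
    """Owning DEB/RPM package for path, or None (assumed lookup via dpkg-query / rpm)."""
    for cmd in (["dpkg-query", "-S", path], ["rpm", "-qf", path]):
        if shutil.which(cmd[0]):
            out = subprocess.run(cmd, capture_output=True, text=True)
            if out.returncode == 0:
                return out.stdout.strip()
    return None

def enumerate_installs(roots, owner_of=os_owner):
    """Map each real *.dist-info directory to its name, version, managed flag and aliases."""
    found = {}
    for root in roots:
        for entry in sorted(Path(root).glob("*.dist-info")):
            real = os.path.realpath(entry)  # a symlink and its target collapse to one key
            name, _, version = Path(real).name[:-len(".dist-info")].rpartition("-")
            rec = found.setdefault(real, {"name": name, "version": version,
                                          "managed": owner_of(real) is not None,
                                          "seen_as": []})
            rec["seen_as"].append(str(entry))
    return found

def reportable(found, show_potential_false_alarms=False):
    """Installs a vulnerability check would report: unmanaged ones, or all if the flag is set."""
    return sorted(p for p, r in found.items()
                  if show_potential_false_alarms or not r["managed"])

def demo():
    """Constructed sample tree: one distro copy, two pip copies, one symlinked alias."""
    base = Path(os.path.realpath(tempfile.mkdtemp()))
    dirs = {k: base / k for k in ("dist-packages", "venv", "opt", "alias")}
    for d in dirs.values():
        d.mkdir()
    (dirs["dist-packages"] / "numpy-1.21.0.dist-info").mkdir()
    (dirs["venv"] / "numpy-1.19.0.dist-info").mkdir()
    (dirs["opt"] / "numpy-1.19.0.dist-info").mkdir()
    os.symlink(dirs["venv"] / "numpy-1.19.0.dist-info",
               dirs["alias"] / "numpy-1.19.0.dist-info")
    # Constructed stand-in for the package-manager query: only dist-packages is distro-owned.
    fake_owner = lambda p: "python3-numpy" if Path(p).parent.name == "dist-packages" else None
    return base, enumerate_installs(dirs.values(), fake_owner)

if __name__ == "__main__":
    base, found = demo()
    for path in reportable(found):
        print(found[path]["version"], path, "aliases:", len(found[path]["seen_as"]))
```

On a real host, call `enumerate_installs` with the interpreter's site-packages directories and leave `owner_of` at its default.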
1 Reply
- justinhall (Product Team)
Tenable has pushed the release date out for this update to November 10.