Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

NCPA Python vulnerabilities

https://support.nagios.com/forum/viewtopic.php?t=76808

Page 1 of 1

NCPA Python vulnerabilities

Posted: Wed Jan 28, 2026 12:14 pm
by proddan
Hi Everyone,

You're probably already aware, but the current version of NCPA contains a version of python which is affected by some recently published CVEs.

More details here.

https://github.com/NagiosEnterprises/ncpa/issues/1341


Hopefully we get a new version asap.

Thanks,


Peter.

Re: NCPA Python vulnerabilities

Posted: Wed Jan 28, 2026 2:23 pm
by cdietsch
Hi @proddan,

Thanks for bringing this to our attention.

NCPA 3.2.3 which was released last week, shipped with the latest version of python3.13 that is currently available 3.13.11. It is also not immediately clear if updating to 3.14.2 or 3.15.0 (pre-release) would fix the vulnerabilities as the affected python versions in the CVE's are unspecified.

It's going to be at least a month before the next NCPA release. In the meantime, you can always download the source code for NCPA and build your own binaries with whatever version of python you like.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited