I'm wondering if anyone has a solution for upgrading Python? Our vulnerability scans are picking up a vulnerability with older versions of Python on a number of our Mac machines. It appears Python 3.9.4 resolves this.

When I install the package for 3.9.4, it installs, but leaves the older Python Launcher folder in /Applications, and I assume some framework stuff elsewhere?

I'm not a Python user and am afraid to remove that older folder out of fear (and also believe there is more to Python than just that folder) of "breaking" something. We have a lot of dev users in our environment.

Thanks for any input on how to accomplish this upgrade.

I submitted a ticket to Apple Enterprise support, who informed me it was not a vulnerable application in the eyes of Apple, yet as mentioned on this thread Qualys sees the baked-in version of Python installed via CLI or Xcode as a vulnerability. I think Homebrew too.

I could only defer the vulnerabilities until Jan in the hope Ventura and Xcode 14.x update the version of Python Apple uses.

**Update**

I am running Ventura and Xcode 14.1. The Python version located at /usr/bin/python is 3.9.6 which is an update from the 3.8 I had on a few months ago running Monterey.  
How long until Qualys sees 3.9.6 as a Vul?


Looking at our Qualys console the suggested solution is to update to Python 3.9.5 and above.  Looks like Qualys will eventually get to 3.9.6 and I will start to see Qualys Vulnerabilities again.  

This issue will never get permanently resolved.


An excerpt from Qualys Detection Summary:

Python 3.9.0 /usr/bin/python3

Affected Versions:
Python Versions 3.8.0 up to 3.8.11 and 3.9.0 up to 3.9.4

Solution:

Customers are advised to install python version 3.9.5 or newer.
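
A way to check a Mac against the range in the Qualys excerpt above, as an added example that is not part of the thread: it compares each interpreter's version with the affected versions quoted there. The candidate paths other than /usr/bin/python3 are assumed typical install locations (python.org framework, Homebrew), not paths given by the posters.

```shell
#!/bin/sh
# Added example: flag Python interpreters whose version falls in the range
# quoted from the Qualys Detection Summary in this thread
# (3.8.0 up to 3.8.11 and 3.9.0 up to 3.9.4).

# is_affected VERSION -> exit status 0 if VERSION is inside the quoted range.
is_affected() {
    ver=${1%%[!0-9.]*}              # drop suffixes such as "+" or "rc1"
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%.*} ;;
        *)   patch=0 ;;             # "3.9" has no patch component
    esac
    case $patch in
        ''|*[!0-9]*) return 1 ;;    # unparseable version: do not flag
    esac
    case "$major.$minor" in
        3.8) [ "$patch" -le 11 ] ;;
        3.9) [ "$patch" -le 4 ] ;;
        *)   return 1 ;;
    esac
}

# scan_pythons PATH... -> one "STATUS<TAB>VERSION<TAB>PATH" line per interpreter found.
scan_pythons() {
    for py in "$@"; do
        [ -x "$py" ] || continue    # also skips glob patterns that matched nothing
        v=$("$py" --version 2>&1 | awk '{print $2}')
        if is_affected "$v"; then status=AFFECTED; else status=ok; fi
        printf '%s\t%s\t%s\n' "$status" "$v" "$py"
    done
}

# Candidate locations: /usr/bin/python3 is from the Qualys excerpt; the rest
# are assumptions about where python.org and Homebrew installs usually live.
scan_pythons \
    /usr/bin/python3 \
    /Library/Frameworks/Python.framework/Versions/*/bin/python3 \
    /usr/local/bin/python3 \
    /opt/homebrew/bin/python3
```

On a Mac without the Command Line Tools, /usr/bin/python3 is a stub that prompts to install them, so run the scan only where `xcode-select -p` succeeds.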




3.9.6 started showing up just a few days ago, unfortunately. Thankfully we don't have many of these and if Apple sees them as not an issue then it appears there is not much we can do. This is just one of those weird things that will sit in the back of my head and always be a 'what if' scenario every time I hear about a data breach. Oh well, who needs hair? :D




Bummer, thanks for the update @Kevin_K. Guess I will be chatting to my boss and Security about this. Co-workers believe Apple and Qualys should get on a call and discuss it. I still think eventually they will butt heads and nothing will come of it.