Lucene search

K
freebsdFreeBSD0E561173-0FA9-11EC-A2FA-080027948C12
HistoryAug 30, 2021 - 12:00 a.m.

Python -- multiple vulnerabilities

2021-08-3000:00:00
vuxml.freebsd.org
11

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%

Python reports:

bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the
fix for the CVE-2013-0340 β€œBillion Laughs” vulnerability. This copy is most used
on Windows and macOS.
bpo-43124: Made the internal putcmd function in smtplib sanitize input for
presence of \r and \n characters to avoid (unlikely) command injection.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchpython36<Β 3.6.15UNKNOWN
FreeBSDanynoarchpython37<Β 3.7.12UNKNOWN

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.9%