Lucene search

K
gentooGentoo FoundationGLSA-202104-04
HistoryApr 30, 2021 - 12:00 a.m.

Python: Multiple vulnerabilities

2021-04-3000:00:00
Gentoo Foundation
security.gentoo.org
41
python
vulnerabilities
upgrade
latest versions
cve identifiers
workaround
resolution
users
interpreted language
object-oriented.

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:P/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H

EPSS

0.001

Percentile

49.9%

Background

Python is an interpreted, interactive, object-oriented programming language.

Description

Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All Python 2.7 users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/python-2.7.18_p8"

All Python 3.6 users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/python-3.6.13_p1"

All Python 3.7 users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/python-3.7.10_p1"

All Python 3.8 users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/python-3.8.8_p1"

All Python 3.9 users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/python-3.9.2_p1"
OSVersionArchitecturePackageVersionFilename
Gentooanyalldev-lang/python< 3.9.2_p1UNKNOWN

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:P/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H

EPSS

0.001

Percentile

49.9%