urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen(‘local_file:///etc/passwd’) call.

CPENameOperatorVersion
cpythoneq1.0.2
cpythoneq3.1.2rc1
cpythoneq3.3.5
cpythoneq2.7b1
cpythoneq1.5b2
cpythoneq3.3.0b2
cpythoneq3.6.0a3
cpythoneq3.2.1rc2
cpythoneq2.1c1
cpythoneq3.8.0a4

Name	Operator	Version
cpython	eq	1.0.2
cpython	eq	3.1.2rc1
cpython	eq	3.3.5
cpython	eq	2.7b1
cpython	eq	1.5b2
cpython	eq	3.3.0b2
cpython	eq	3.6.0a3
cpython	eq	3.2.1rc2
cpython	eq	2.1c1
cpython	eq	3.8.0a4

Rows per page:

1-10 of 2551

References

bugs.python.org/issue35907

nessus 50

alpinelinux 1

osv 7

prion 1

openvas 28

veracode 1

mageia 2

debian 4

f5 1

redhatcve 1

debiancve 1

cve 1

ubuntucve 1

amazon 3

suse 2

ibm 9

freebsd 2

photon 7

fedora 4

redhat 8

slackware 1

myhack58 1

centos 1

oraclelinux 3

gentoo 1

rocky 1

almalinux 1

ubuntu 2

cloudfoundry 1

threatpost 1

ics 1

nessus

Amazon Linux 2 : python (ALAS-2019-1291)

2019-09-20 00:00:00

F5 Networks BIG-IP : Python vulnerability (K28622040)

2022-02-01 00:00:00

Photon OS 3.0: Python2 PHSA-2019-3.0-0009

2019-07-02 00:00:00

alpinelinux

CVE-2019-9948

2019-03-23 18:29:00

osv

python3.4 - security update

2019-07-10 00:00:00

CVE-2019-9948

2019-03-23 18:29:02

Moderate: python27:2.7 security and bug fix update

2019-11-05 17:32:12

prion

Design/Logic Flaw

2019-03-23 18:29:00

openvas

Python 2.x < 2.7.17, 3.5.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 Protection Bypass Vulnerability (bpo-35907) - Windows

2021-09-12 00:00:00

Mageia: Security Advisory (MGASA-2019-0165)

2022-01-28 00:00:00

Python 2.x < 2.7.17, 3.5.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 Protection Bypass Vulnerability (bpo-35907) - Linux

2021-09-12 00:00:00

veracode

Authorization Bypass

2019-07-15 00:07:30

mageia

Updated python packages fix security vulnerability

2019-05-12 12:35:33

Updated python packages fix security vulnerabilities

2019-11-08 02:36:48

debian

[SECURITY] [DLA 1852-1] python3.4 security update

2019-07-11 17:09:14

[SECURITY] [DLA 1834-1] python2.7 security update

2019-06-25 03:40:12

[SECURITY] [DLA 2337-1] python2.7 security update

2020-08-22 14:48:43

K28622040 : Python vulnerability CVE-2019-9948

2022-02-02 00:00:00

redhatcve

CVE-2019-9948

2020-04-04 11:04:53

debiancve

CVE-2019-9948

2019-03-23 18:29:00

cve

CVE-2019-9948

2019-03-23 18:29:00

ubuntucve

CVE-2019-9948

2019-03-23 00:00:00

amazon

Medium: python

2019-09-13 23:21:00

Important: python27

2019-08-07 23:02:00

Important: python34

2019-11-19 17:31:00

suse

Security update for python (important)

2019-06-18 00:00:00

Security update for python (important)

2019-04-25 00:00:00

ibm

Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7

2020-04-08 18:33:24

Security Bulletin: [All] Python (Publicly disclosed vulnerability)

2020-09-16 16:02:03

Security Bulletin: Resilient is vulnerable to using Python component with known vulnerabilities in RHEL 7

2020-04-08 18:30:03

freebsd

python 3.6 -- multiple vulnerabilities

2019-03-13 00:00:00

python 3.7 -- multiple vulnerabilities

2019-03-13 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0146

2019-03-29 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0220

2019-03-29 00:00:00

Critical Photon OS Security Update - PHSA-2019-0220

2019-03-29 00:00:00

fedora

[SECURITY] Fedora 29 Update: python3-docs-3.7.4-1.fc29

2019-08-05 01:41:24

[SECURITY] Fedora 30 Update: python3-3.7.4-1.fc30

2019-07-29 01:08:31

[SECURITY] Fedora 30 Update: python3-docs-3.7.4-1.fc30

2019-07-29 01:08:32

redhat

(RHSA-2019:1700) Important: python27-python security update

2019-07-08 10:38:49

(RHSA-2020:1462) Moderate: python security update

2020-04-14 14:34:05

(RHSA-2019:3520) Moderate: python3 security and bug fix update

2019-11-05 17:55:39

slackware

[slackware-security] python

2019-10-20 20:16:04

myhack58

Cisco release a lot of patches, fixes IOS XE, and small business routing vulnerability-vulnerability warning-the black bar safety net

2019-03-30 00:00:00

centos

python, tkinter security update

2019-08-30 04:00:52

oraclelinux

python3 security and bug fix update

2019-11-14 00:00:00

python27:2.7 security and bug fix update

2019-11-14 00:00:00

python security and bug fix update

2019-08-13 00:00:00

gentoo

Python: Multiple vulnerabilities

2020-03-15 00:00:00

rocky

python27:2.7 security and bug fix update

2019-11-05 17:32:12

almalinux

Moderate: python27:2.7 security and bug fix update

2019-11-05 17:32:12

ubuntu

Python vulnerabilities

2019-09-09 00:00:00

Python vulnerabilities

2019-09-10 00:00:00

cloudfoundry

USN-4127-1: Python vulnerabilities | Cloud Foundry

2019-09-30 00:00:00

threatpost

Cisco Releases Flood of Patches for IOS XE, But Leaves Some Routers Open to Attack

2019-03-27 21:48:15

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

9.2 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.005 Low

EPSS

Percentile

74.9%

JSON

Related for OSV:PSF-2019-12