35 matches found
Fedora 33 : python3.6 (2021-7547ad987f)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-7547ad987f advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python...
Fedora 33 : python3.7 (2021-f4fd9372c7)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-f4fd9372c7 advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python...
Fedora 33 : python2.7 (2021-66547ff92d)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-66547ff92d advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python...
SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2021:0355-1)
This update for python fixes the following issues : buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution bsc1181126, CVE-2021-3177. Provide the newest setuptools wheel bsc1176262, CVE-2019-20916 in their correct form bsc1180686. Note that Tenable Network...
Fedora 32 : python3 (2021-076a2dccba)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-076a2dccba advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python...
Fedora 33 : python3.8 (2021-cc3ff94cfc)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-cc3ff94cfc advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python...
Internet Bug Bounty: Buffer overflow in PyCArg_repr in _ctypes/callproc.c for Python 3.x to 3.9.1
TL;DR Description Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs...
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...
Buffer overflow
Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...
UBUNTU-CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...
Python Buffer Error Vulnerability
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. Python 3.x through 3.9.1 suffers from a buffer error vulnerability that originates in PyCArgrepr in...
CVE-2021-3177
CVE-2021-3177: A buffer overflow in PyCArg_repr of Python’s ctypes (_ctypes/callproc.c) may allow remote code execution when untrusted floating-point input is passed (e.g., 1e300 to c_double.from_param) due to unsafe use of sprintf. Affected: Python 3.x up to 3.9.1. Remediation exists in multiple...
CVE-2021-3177
Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...
PSF-2021-3 ctypes: Buffer overflow in PyCArg_repr
Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...