GHSA-J3J3-JRFH-CM2W Django Denial-of-service possibility with strip_tags

The utils.html.striptags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service infinite loop by increasing the length of the input string...

DEBIAN-CVE-2015-20107

In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...

OESA-2022-1566 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

A flaw was found in Python specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1 3.9.5 3.8.11 3.7.11 and 3.6.14.

...

Execution with Unnecessary Privileges in ipython

We’d like to disclose an arbitrary code execution vulnerability in IPython that stems from IPython executing untrusted files in CWD. This vulnerability allows one user to run code as another. Proof of concept User1: mkdir -m 777 /tmp/profiledefault mkdir -m 777 /tmp/profiledefault/startup echo...

Python < 2.7.10, 3.x < 3.3.7, 3.4.x < 3.4.4 HTTP Header Injection Vulnerability (bpo-22928) - Linux

Python is prone to a HTTP header injection vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

UBUNTU-CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...

CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...

CVE-2021-3426

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to...

PYSEC-2021-34

models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries...

OESA-2021-1066 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

AZL-6827 CVE-2021-23336 affecting package python2 for versions less than 2.7.18-8

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can...

PT-2021-3621 · Apache +10 · Apache Tomcat +10

Name of the Vulnerable Software and Affected Versions: python/cpython versions 0 through 3.6.13 python/cpython versions 3.7.0 through 3.7.10 python/cpython versions 3.8.0 through 3.8.8 python/cpython versions 3.9.0 through 3.9.2 Description: The issue is related to Web Cache Poisoning via...

ALPINE-CVE-2021-3177

Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...

UBUNTU-CVE-2021-3177

Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...

DEBIAN-CVE-2020-27619

In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP...

commix

This is a PoC exploit for command injection attacks, specifically targeting web-based applications. The tool, named Commix, is designed to automate the process of testing web applications for command injection vulnerabilities. It can be used by web developers, penetration testers, or security...

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

python: CRLF injection via the query part of the url passed to urlopen()

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the query string after a ? charact...

python: email.utils.parseaddr wrongly parses email addresses

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...