34 matches found
MiracleLinux 7 : python-2.7.5-34.0.1.el7.AXS7 (AXSA:2015-803:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-803:01 advisory. IPy is a Python module for handling IPv4 and IPv6 Addresses and Networks in a fashion similar to perl's Net::IP and friends. The IP class allows a...
K000151520: Python vulnerabilities CVE-2018-20852, CVE-2014-4616, and CVE-2013-7040
Security Advisory Description CVE-2018-20852 http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server...
Linux Distros Unpatched Vulnerability : CVE-2014-4616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read...
RHEL 6 : python33-python (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python: missing boundary check in JSON module CVE-2014-4616 Note that Nessus has not tested for this issue but has...
SUSE CVE-2014-4616
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...
Mageia: Security Advisory (MGASA-2014-0286)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0285)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Python < 2.7.7, 3.2.x < 3.2.6, 3.3.x < 3.3.6, 3.4.x < 3.4.1 JSONDecoder.raw_decode (bpo-21529) - Linux
Python is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...
Security Bulletin: A security vulnerability has been identified in the version of Python shipped with the IBM Resilient virtual appliance (CVE-2017-1000158, CVE-2014-4616)
Summary Security Bulletin: A security vulnerability has been identified in the version of Python shipped with the IBM Resilient virtual appliance CVE-2017-1000158, CVE-2014-4616 Vulnerability Details Title A security vulnerability has been identified in the version of Python shipped with the IBM...
Sensitive Information Leakage
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provide a stable release of Python 2.7 with a number of additional utilities and database connectors f...
Improper Input Validation
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provide a stable release of Python 2.7 with a number of additional utilities and database connectors f...
CVE-2014-4616
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...
CVE-2014-4616
CVE-2014-4616 affects Python’s json implementation: the scanstring function in the _json module (and in simplejson prior to 2.6.1) has an array index error that can be triggered by a negative idx in raw_decode. Affected: Python 2.7–3.5 and simplejson
CVE-2014-4616
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...
Oracle: Security Advisory (ELSA-2015-1064)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python, tkinter security update
CentOS Errata and Security Advisory CESA-2015:2101 Updated python packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common...
Oracle: Security Advisory (ELSA-2015-2101)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : python (ELSA-2015-2101)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2101 advisory. - Fixed CVE-2013-1753, CVE-2013-1752, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185 Resolves: rhbz1206574 Tenable has extracted the preceding description...
python security, bug fix, and enhancement update
2.7.5-34.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-34 - Revert fix for rhbz1117751 as it leads to regressions Resolves: rhbz1117751 2.7.5-33 - Only restore SIGPIPE when Popen called with restoresigpipe Resolves: rhbz1117751 2.7.5-32 - Backport SSLSocket.version...
Ubuntu 14.04 LTS : Python vulnerabilities (USN-2653-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2653-1 advisory. It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp,...