20 matches found
Photon OS 2.0: Python3 PHSA-2018-2.0-0037
An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0037. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2017-18207 affecting package python2 for versions less than 2.7.18-8
CVE-2017-18207 affecting package python2 for versions less than 2.7.18-8. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2018-0270)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0114-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0302-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0934-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-18207 affecting package python2 2.7.18-14
CVE-2017-18207 affecting package python2 2.7.18-14. A patched version of the package is available...
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2020-1427)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : python2 (EulerOS-SA-2020-1344)
According to the versions of the python2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A ZIP bomb attack was found in the Python zipfile module. A remote attacker could abuse this flaw by providing a...
Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2020-1344)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2020-1295)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : python36 (SUSE-SU-2020:0302-1)
This update for python36 to version 3.6.10 fixes the following issues : CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ signs bsc1149955. CVE-2019-15903: Fixed a heap-based buffer over-read...
SUSE-SU-2020:0302-1 Security update for python36
This update for python36 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ signs bsc1149955. - CVE-2019-15903: Fixed a heap-based buffer...
openSUSE: Security Advisory for python3 (openSUSE-SU-2020:0086_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : python3 (openSUSE-2020-86) (BEAST) (httpoxy)
This update for python3 to version 3.6.10 fixes the following issues : - CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ bsc1149955. - CVE-2019-15903: Fixed a heap-based buffer over-read ...
Security update for python3 (important)
openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2020:0086-1 Rating: important References: 1027282 1029377 1029902 1040164 1042670 1070853 1079761 1081750 1083507 1086001 1088004 1088009 1088573 1094814 1107030 1109663 1109847 1120644 1122191 1129346 1130840...
Security Bulletin: Vulnerabilities in Python affect IBM BladeCenter Advanced Management Module (AMM)
Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in Python. Vulnerability Details CVEID: CVE-2017-18207 DESCRIPTION: Python is vulnerable to a denial of service, caused by a divide-by-zero in the Waveread.readfmtchunk function in Lib/wave.py. By...
SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2018:2040-1)
This update for python fixes the following issues: The following security vulnerabilities were addressed : - Add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this, attackers could cause a denial of service via a crafted wav format audio file. bsc1083507,...
openSUSE Security Update : python3 (openSUSE-2018-372)
This update for python3 fixes the following issues : Security issue fixed : - CVE-2017-18207: Fixed possible denial of service vulnerability by adding a check to Lib/wave.py that verifies that at least one channel is provided bsc1083507. This update was imported from the SUSE:SLE-12:Update update...
CVE-2017-18207
CVE-2017-18207 affects Python’s CPython before or up to 3.6.4, where the Wave_read._read_fmt_chunk implementation may not ensure a nonzero channel value, enabling a denial of service through a crafted WAV file (divide-by-zero/exception). The root cause is in Lib/wave.py; exploitation details are ...