Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2020-0249)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.03255EPSS
Exploits0References4
Mageia
Mageia
added 2020/06/10 10:26 p.m.30 views

Updated python-typed-ast packages fix security vulnerability

Updated python-typed-ast package fixes security vulnerabilities: typedast 1.3.0 and 1.3.1 has a handlekeywordonlyargs out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process...

7.5CVSS4.6AI score0.03255EPSS
Exploits0References2
OSV
OSV
added 2020/05/04 10:13 a.m.7 views

OPENSUSE-SU-2020:0609-1 Security update for python-typed-ast

This update for python-typed-ast fixes the following issues: python-typed-ast was reverted to version 1.3.1 because it broke another package bsc1163532. Security issues fixed: - CVE-2019-19274: Fixed an out-of-bounds read bsc1161562. - CVE-2019-19275: Fixed an out-of-bounds read bsc1161563. This...

7.5CVSS7.5AI score0.03255EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2020/05/04 12:0 a.m.34 views

Security update for python-typed-ast (low)

openSUSE Security Update: Security update for python-typed-ast Announcement ID: openSUSE-SU-2020:0609-1 Rating: low References: 1161562 1161563 1163532 Cross-References: CVE-2019-19274 CVE-2019-19275 Affected Products: openSUSE Backports SLE-15-SP1 An update that solves two vulnerabilities and ha...

7.5CVSS7.8AI score0.03255EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/05/04 12:0 a.m.30 views

openSUSE Security Update : python-typed-ast (openSUSE-2020-567)

This update for python-typed-ast fixes the following issues : python-typed-ast was reverted to version 1.3.1 because it broke another package bsc1163532. Security issues fixed : - CVE-2019-19274: Fixed an out-of-bounds read bsc1161562. - CVE-2019-19275: Fixed an out-of-bounds read bsc1161563. C...

7.5CVSS7.1AI score0.03255EPSS
Exploits0References5
OSV
OSV
added 2020/05/01 4:19 a.m.9 views

OPENSUSE-SU-2020:0567-1 Security update for python-typed-ast

This update for python-typed-ast fixes the following issues: python-typed-ast was reverted to version 1.3.1 because it broke another package bsc1163532. Security issues fixed: - CVE-2019-19274: Fixed an out-of-bounds read bsc1161562. - CVE-2019-19275: Fixed an out-of-bounds read bsc1161563...

7.5CVSS7.5AI score0.03255EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2020/05/01 12:0 a.m.95 views

Security update for python-typed-ast (low)

openSUSE Security Update: Security update for python-typed-ast Announcement ID: openSUSE-SU-2020:0567-1 Rating: low References: 1161562 1161563 1163532 Cross-References: CVE-2019-19274 CVE-2019-19275 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errat...

7.5CVSS7.8AI score0.03255EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/03/15 12:0 a.m.18 views

Fedora: Security Advisory for python3-typed_ast (FEDORA-2020-9b3dabc21c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.5AI score0.03255EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2019/12/02 6:2 p.m.8 views

filecrawl (>=1.0.0 <=1.0.0b2), hackingtools (>=0.9.94 <=2.0.3) +2 more potentially affected by CVE-2019-19274 via typed-ast (=1.3.1)

typed-ast PYPI version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on typed-ast and may be impacted: - filecrawl =1.0.0, =0.9.94, =0.0.9, =0.0.1, =0.0.3 Source cves: CVE-2019-19274 Source advisory: OSV:GHSA-M3JW-62M7-JJCM...

7.5CVSS7.1AI score0.03255EPSS
Exploits0
Hacker One
Hacker One
added 2019/11/26 5:21 p.m.27 views

Internet Bug Bounty: Two out-of-bounds array reads in Python AST builder (Re-opening 520612 with CVEs)

I'm re-submitting 520612 after getting CVEs issued, as instructed in an automated email from November 17th. Getting CVEs issued took a while, but here they are: - https://vulners.com/cve/CVE-2019-19274 - https://vulners.com/cve/CVE-2019-19275 Impact A service that takes Python snippets as payload...

5CVSS7.3AI score0.03255EPSS
Exploits0
OSV
OSV
added 2019/11/26 3:15 p.m.17 views

CVE-2019-19274

typedast 1.3.0 and 1.3.1 has a handlekeywordonlyargs out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...

7.5CVSS7.4AI score
Exploits0References6
OSV
OSV
added 2019/11/26 3:15 p.m.4 views

UBUNTU-CVE-2019-19274

typedast 1.3.0 and 1.3.1 has a handlekeywordonlyargs out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...

7.5CVSS7.1AI score0.03255EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2019/11/26 2:8 p.m.34 views

CVE-2019-19274

typedast 1.3.0 and 1.3.1 has a handlekeywordonlyargs out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that...

7.5CVSS7.4AI score0.03255EPSS
Exploits0
CVE
CVE
added 2019/11/26 2:8 p.m.168 views

CVE-2019-19274

CVE-2019-19274 concerns typed_ast versions 1.3.0 and 1.3.1 with a handle_keywordonly_args out-of-bounds read. The vulnerability could crash a Python interpreter that parses Python source (without execution), e.g., in web-based parsing services. Several advisories note fixes for CVE-2019-19274 (an...

7.5CVSS7.2AI score0.03255EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder