7 matches found
CVE-2020-15523
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading...
Python < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x - 3.8.4rc1, 3.9.x - 3.9.0b4 Python Issue (bpo-29778) - Windows
Python is prone to an invalid search path vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
FreeBSD : Python -- multiple vulnerabilities (3fcb70a4-e22d-11ea-98b2-080027846a02)
Python reports : bpo-29778: Ensure python3.dll is loaded from correct locations when Python is embedded CVE-2020-15523. bpo-41004: CVE-2020-14422: The hash methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This...
Python -- multiple vulnerabilities
Python reports: bpo-39603: Prevent http header injection by rejecting control characters in http.client.putrequest…. bpo-29778: Ensure python3.dll is loaded from correct locations when Python is embedded CVE-2020-15523. bpo-41004: CVE-2020-14422: The hash methods of ipaddress.IPv4Interface and...
Python DLL Loading Local Privilege Escalation
The version of Python installed on the remote Windows host is 3.6.x prior to 3.6.12, 3.7.x prior to 3.7.9, 3.8.x prior to 3.8.4, or 3.9.x prior to 3.9.0b5. It is, therefore, affected by an elevation of privilege vulnerability. A Trojan horse python3.dll might be used in cases where CPython is...
CVE-2020-15523
CVE-2020-15523 : On Windows, CPython embedded in a native app may load an attacker-controlled python3.dll due to an invalid search path for python3.dll after Py_SetPath. A Trojan horse python3.dll could be loaded for Python 3.6.0–3.6.10, 3.7.0–3.7.8, 3.8.0–3.8.4rc1, and 3.9.0–3.9.0b4, unless the ...
Python -- multiple vulnerabilities
Python reports: bpo-29778: Ensure python3.dll is loaded from correct locations when Python is embedded CVE-2020-15523. bpo-41004: CVE-2020-14422: The hash methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This...