51 matches found

Tenable Nessus
added 2019/07/02 12:0 a.m. | 43 views

Amazon Linux 2 : python (ALAS-2019-1230)

A NULL pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if the application enables SSL/TLS certificate validation and accep...

CVSS 9.8 | AI score 6.8 | EPSS 0.08764
Exploits 3 | References 6

RedHat Linux
added 2019/05/22 12:3 p.m. | 135 views

Important: Red Hat Security Advisory: python27-python and python27-python-jinja2 security and bug fix update

An update for python27-python and python27-python-jinja2 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 8.6 | AI score 6.7 | EPSS 0.0991
Exploits 3 | References 8

RedHat Linux
added 2019/05/22 12:3 p.m. | 1 view

python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.01779
Exploits 0 | References 5

Veracode
added 2019/05/16 3:18 a.m. | 165 views

Denial Of Service (DoS)

Python is vulnerable to denial of service (DoS) attacks. This is due to catastrophic backtracking in the implementation. A remote authenticated user could trigger a denial of service condition via backtracking in the 'difflib.IS_LINE_JUNK' method in difflib, which may lead to an application crash...

CVSS 7.5 | AI score 7.7 | EPSS 0.01779
Exploits 0 | References 29 | Affected Software 6

Tenable Nessus
added 2019/05/14 12:0 a.m. | 31 views

EulerOS Virtualization for ARM 64 3.0.1.0 : python (EulerOS-SA-2019-1403)

According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an...

CVSS 9.8 | AI score 6.9 | EPSS 0.40993
Exploits 8 | References 5

Tenable Nessus
added 2019/04/04 12:0 a.m. | 28 views

EulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1246)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use th...

CVSS 7.5 | AI score 6.3 | EPSS 0.01779
Exploits 1 | References 3

Tenable Nessus
added 2019/04/04 12:0 a.m. | 27 views

EulerOS Virtualization 2.5.4 : python (EulerOS-SA-2019-1248)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use th...

CVSS 7.5 | AI score 6.3 | EPSS 0.01779
Exploits 1 | References 3

Tenable Nessus
added 2019/03/08 12:0 a.m. | 35 views

EulerOS 2.0 SP5 : python (EulerOS-SA-2019-1072)

According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: DOS via regular expression...

CVSS 7.5 | AI score 6.4 | EPSS 0.01779
Exploits 1 | References 3

Tenable Nessus
added 2019/02/22 12:0 a.m. | 58 views

EulerOS 2.0 SP2 : python (EulerOS-SA-2019-1055)

According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: DOS via regular expression...

CVSS 7.5 | AI score 6.5 | EPSS 0.01779
Exploits 1 | References 4

Tenable Nessus
added 2019/01/03 12:0 a.m. | 32 views

Fedora 28 : python34 (2018-c3a2174314)

Security update to 3.4.9 with fix for CVE-2018-1060: difflib and poplib catastrophic backtracking. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

CVSS 7.5 | AI score 6.3 | EPSS 0.01038
Exploits 1 | References 2

Tenable Nessus
added 2018/10/31 12:0 a.m. | 93 views

RHEL 7 : python (RHSA-2018:3041)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3041 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

CVSS 7.5 | AI score 6.6 | EPSS 0.01779
Exploits 1 | References 11

RedHat Linux
added 2018/10/30 12:25 p.m. | 66 views

Moderate: Red Hat Security Advisory: python security and bug fix update

An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.5 | AI score 6.7 | EPSS 0.01779
Exploits 1 | References 7

RedHat Linux
added 2018/10/30 12:25 p.m. | 1 view

python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.01779
Exploits 0 | References 5

Tenable Nessus
added 2018/09/28 12:0 a.m. | 37 views

Debian DSA-4306-1 : python2.7 - security update

Multiple security issues were discovered in Python: ElementTree failed to initialise Expat's hash salt, two denial of service issues were found in difflib and poplib and the shutil module was affected by a command injection vulnerability. (C) Tenable Network Security, Inc. The descriptive text and...

CVSS 9.8 | AI score 6.4 | EPSS 0.26492
Exploits 2 | References 7

Debian
added 2018/09/27 9:5 p.m. | 36 views

[SECURITY] [DSA 4306-1] python2.7 security update

Debian Security Advisory DSA-4306-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 27, 2018 https://www.debian.org/security/faq ...

CVSS 9.8 | AI score 7.8 | EPSS 0.26492
Exploits 2

Tenable Nessus
added 2018/08/16 12:0 a.m. | 34 views

Fedora 27 : python34 (2018-875afebb87)

Security update to 3.4.9 with fix for CVE-2018-1060: difflib and poplib catastrophic backtracking. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

CVSS 7.5 | AI score 6.3 | EPSS 0.01038
Exploits 1 | References 2

Tenable Nessus
added 2018/08/16 12:0 a.m. | 33 views

Fedora 27 : python35 (2018-04d49a1804)

Security update to 3.5.6 with fix for CVE-2018-1060: difflib and poplib catastrophic backtracking. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

CVSS 7.5 | AI score 6.3 | EPSS 0.01038
Exploits 1 | References 3

CNVD
added 2018/06/20 12:0 a.m. | 7 views

python denial of service vulnerability (CNVD-2018-24286)

Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in the difflib.IS_LINE_JUNK method in Python. An attacker can exploit this...

CVSS 7.5 | AI score 7 | EPSS 0.01779
Exploits 0 | References 1

OSV
added 2018/06/19 12:29 p.m. | 18 views

CVE-2018-1061

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service...

CVSS 7.5 | AI score 8.5 | EPSS 0.01779
Exploits 0 | References 21

OSV
added 2018/06/19 12:29 p.m. | 1 view

DEBIAN-CVE-2018-1061

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service...

CVSS 7.5 | AI score 6.5 | EPSS 0.01779
Exploits 0 | References 1