
321 matches found

OSV
added 2021/05/06 12:0 a.m. | 47 views

PSF-2021-2 ipaddress leading zeros in IPv4 address

In Python before 3.9.5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8 CVSS | 9.5 AI score | 0.06827 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2021/05/05 7:49 p.m. | 41 views

CVE-2021-29921

A flaw was found in python-ipaddress. Improper input validation of octal strings in stdlib ipaddress allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. The highest threat from this vulnerability is to...

9.8 CVSS | 5 AI score | 0.06827 EPSS
Exploits: 1 | References: 4

Tenable Nessus
added 2021/05/05 12:0 a.m. | 19 views

FreeBSD : Python -- multiple vulnerabilities (bffa40db-ad50-11eb-86b8-080027846a02)

Python reports : bpo-43434: Creating a sqlite3.Connection object now also produces a sqlite3.connect auditing event. Previously this event was only produced by sqlite3.connect calls. Patch by Erlend E. Aasland. bpo-43882: The presence of newline or tab characters in parts of a URL could allow som...

5.5 AI score
Exploits: 0 | References: 3

CNNVD
added 2021/04/30 12:0 a.m. | 3 views

Python security vulnerability

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability in Python stdlib ipaddress 3.10 and below allows unauthenticated, remote attackers to...

9.8 CVSS | 7.5 AI score | 0.06827 EPSS
Exploits: 1 | References: 36

OpenVAS
added 2021/04/19 12:0 a.m. | 17 views

SUSE: Security Advisory (SUSE-SU-2020:2157-1)

The remote host is missing an update for the...

5.9 CVSS | 8.2 AI score | 0.12826 EPSS
Exploits: 0 | References: 4

OpenVAS
added 2021/04/19 12:0 a.m. | 11 views

SUSE: Security Advisory (SUSE-SU-2020:1920-1)

The remote host is missing an update for the...

5.9 CVSS | 8.2 AI score | 0.12826 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2021/01/20 12:0 a.m. | 31 views

EulerOS 2.0 SP3 : python-ipaddress (EulerOS-SA-2021-1115)

According to the version of the python-ipaddress package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow...

5.9 CVSS | 7.1 AI score | 0.12826 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2021/01/19 12:0 a.m. | 18 views

Huawei EulerOS: Security Advisory for python-ipaddress (EulerOS-SA-2021-1115)

The remote host is missing an update for the Huawei EulerOS...

5.9 CVSS | 7 AI score | 0.12826 EPSS
Exploits: 0 | References: 2

GithubExploit
added 2021/01/15 4:40 a.m. | 43 views

Exploit for Deserialization of Untrusted Data in Rubyonrails Rails

CVE-2020-8165.py A shell for CVE-2020-8...

9.8 CVSS | 9.3 AI score | 0.45732 EPSS
Exploits: 5

Tenable Nessus
added 2020/11/12 12:0 a.m. | 59 views

Oracle Linux 7 : python3 (ELSA-2020-5010)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5010 advisory. - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 Tenable has extracted the preceding description blo...

7.5 CVSS | 7.4 AI score | 0.12826 EPSS
Exploits: 0 | References: 3

RedHat Linux
added 2020/11/10 1:20 p.m. | 2 views

python: DoS via inefficiency in IPv{4,6}Interface classes

A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects,...

5.9 CVSS | 6.8 AI score | 0.12826 EPSS
Exploits: 0 | References: 4

Microsoft CVE
added 2020/11/10 12:0 a.m. | 5 views

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10 v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4 v3.8.4rc1 v3.8.5 v3.8.6 v3.8.6rc1; v3.9.0 v3.9.0b4 v3.9.0b5 v3.9.0rc1 v3.9.0rc2.

...

5.9 CVSS | 7 AI score | 0.12826 EPSS
Exploits: 0

Tenable Nessus
added 2020/11/06 12:0 a.m. | 63 views

EulerOS Virtualization 3.0.6.6 : python-ipaddress (EulerOS-SA-2020-2472)

According to the version of the python-ipaddress package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes,...

5.9 CVSS | 7 AI score | 0.12826 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2020/11/05 12:0 a.m. | 20 views

Huawei EulerOS: Security Advisory for python-ipaddress (EulerOS-SA-2020-2472)

The remote host is missing an update for the Huawei EulerOS...

5.9 CVSS | 7 AI score | 0.12826 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2020/11/04 1:25 a.m. | 0 views

python: DoS via inefficiency in IPv{4,6}Interface classes

A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects,...

5.9 CVSS | 6.8 AI score | 0.12826 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/11/04 1:19 a.m. | 3 views

python: DoS via inefficiency in IPv{4,6}Interface classes

A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects,...

5.9 CVSS | 6.8 AI score | 0.12826 EPSS
Exploits: 0 | References: 4

OpenVAS
added 2020/11/04 12:0 a.m. | 22 views

Huawei EulerOS: Security Advisory for python-ipaddress (EulerOS-SA-2020-2438)

The remote host is missing an update for the Huawei EulerOS...

5.9 CVSS | 7 AI score | 0.12826 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2020/11/04 12:0 a.m. | 22 views

Huawei EulerOS: Security Advisory for python-ipaddress (EulerOS-SA-2020-2420)

The remote host is missing an update for the Huawei EulerOS...

5.9 CVSS | 7 AI score | 0.12826 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2020/11/03 12:0 a.m. | 38 views

EulerOS 2.0 SP9 : python-ipaddress (EulerOS-SA-2020-2438)

According to the version of the python-ipaddress package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow...

5.9 CVSS | 7.1 AI score | 0.12826 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2020/11/03 12:0 a.m. | 41 views

EulerOS 2.0 SP9 : python-ipaddress (EulerOS-SA-2020-2420)

According to the version of the python-ipaddress package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow...

5.9 CVSS | 7.1 AI score | 0.12826 EPSS
Exploits: 0 | References: 2