MiracleLinux 7 : python-2.7.5-92.0.1.el7.AXS7 (AXSA:2022-3427:14)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3427:14 advisory. python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 python-urllib3: CRLF injection via HTTP request method...

BIT-LIBPYTHON-2021-3177

Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam. This occurs because sprintf is...

python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...

python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

...