
35 matches found

AstraLinux
added 2026/05/20 5:53 a.m., 6 views

Astra Linux - vulnerability in python2.7

In Python 3.x through 3.9.1, there is a buffer overflow issue in the PyCArg_repr function within _ctypes/callproc.c. This issue may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input. This was demonstrated by the use of the argument...

9.8 CVSS, 7.7 AI score, 0.23293 EPSS
Exploits: 1, References: 2
OSV
added 2024/10/04 4:39 p.m., 54 views

BIT-PYTHON-2021-3177

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is...

9.8 CVSS, 9.4 AI score, 0.23293 EPSS
Exploits: 1, References: 29
Tenable Nessus
added 2023/11/09 12:0 a.m., 16 views

NewStart CGSL MAIN 6.06 : python-jinja2 Multiple Vulnerabilities (NS-SA-2023-0137)

The remote NewStart CGSL host, running version MAIN 6.06, has python-jinja2 packages installed that are affected by multiple vulnerabilities: - psutil aka python-psutil through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts syste...

8.9 AI score, 0.37325 EPSS
Exploits: 9, References: 31
Rosalinux
added 2023/08/01 12:58 p.m., 39 views

Advisory ROSA-SA-2023-2203

Software: python 2.7.5; OS: rosa-server79; packageevrstring: python-2.7.5-93.res7; CVE-ID: CVE-2023-24329; BDU-ID: None; CVE-Crit: HIGH; CVE-DESC.: A problem in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blacklisting methods by providing a URL that starts with empty...

9.8 CVSS, 7.8 AI score, 0.23293 EPSS
Exploits: 6
Oracle linux
added 2023/06/12 12:0 a.m., 89 views

python3 security update

3.6.8-19.0.1 - Remove the 'getfile' feature of pydoc (Orabug: 33182027, CVE-2021-3426) - Fix buffer overflow in PyCArg_repr (Orabug: 32551171, CVE-2021-3177) - Add Oracle Linux distribution in platform.py (Orabug: 20812544) 3.6.8-19 - Security fix for CVE-2023-24329 - Fix the test suite support for Expat =...

9.8 CVSS, 7.4 AI score, 0.23293 EPSS
Exploits: 4
Tenable Nessus
added 2022/06/29 12:0 a.m., 67 views

Scientific Linux Security Update : python on SL7.x i686/x86_64 (2022:5235)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5235-1 advisory. - python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 - python-urllib3: CRLF injection via HTTP request method...

9.8 CVSS, 7.7 AI score, 0.23293 EPSS
Exploits: 2, References: 4
Tenable Nessus
added 2022/06/28 12:0 a.m., 92 views

RHEL 7 : python (RHSA-2022:5235)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5235 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

9.8 CVSS, 7.8 AI score, 0.23293 EPSS
Exploits: 2, References: 10
Tenable Nessus
added 2022/02/13 12:0 a.m., 228 views

Debian DLA-2919-1 : python2.7 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2919 advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that...

9.8 CVSS, 8.2 AI score, 0.23293 EPSS
Exploits: 1, References: 7
OpenVAS
added 2021/09/02 12:0 a.m., 12 views

Python < 3.6.13, 3.7.x < 3.7.10, 3.8.x < 3.8.8, 3.9.x < 3.9.2 Python Issue (bpo-42938) - Windows

Python is prone to a buffer overflow vulnerability in...

9.8 CVSS, 10 AI score, 0.23293 EPSS
Exploits: 1, References: 2
OpenVAS
added 2021/09/02 12:0 a.m., 16 views

Python < 3.6.13, 3.7.x < 3.7.10, 3.8.x < 3.8.8, 3.9.x < 3.9.2 Python Issue (bpo-42938) - Mac OS X

Python is prone to a buffer overflow vulnerability in...

9.8 CVSS, 10 AI score, 0.23293 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2021/05/19 12:0 a.m., 60 views

CentOS 8 : python27:2.7 (CESA-2021:1761)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1761 advisory. - python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 - python-urllib3: CRLF injection via HTTP request method...

9.8 CVSS, 7.8 AI score, 0.23293 EPSS
Exploits: 3, References: 5
RedHat Linux
added 2021/05/18 3:39 p.m., 3 views

python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...

9.8 CVSS, 7.2 AI score, 0.23293 EPSS
Exploits: 1, References: 4
Tenable Nessus
added 2021/04/15 12:0 a.m., 35 views

EulerOS Virtualization 2.9.1 : python3 (EulerOS-SA-2021-1722)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and...

9.8 CVSS, 8.5 AI score, 0.37325 EPSS
Exploits: 2, References: 3
BDU FSTEC
added 2021/04/01 12:0 a.m., 3 views

The vulnerability of the PyCArg_repr function (ctypes/callproc.c) in the Python interpreter allows a hacker to execute arbitrary code.

The vulnerability of the PyCArg_repr function (ctypes/callproc.c) in the Python interpreter is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10 CVSS, 7.5 AI score, 0.23293 EPSS
Exploits: 1, References: 40, Affected Software: 20
Oracle linux
added 2021/03/22 12:0 a.m., 59 views

python38:3.8 security update

python38 3.8.3-3.0.1 - Fix buffer overflow in PyCArg_repr (Orabug: 32551171, CVE-2021-3177)...

9.8 CVSS, 3.4 AI score, 0.23293 EPSS
Exploits: 1
Oracle linux
added 2021/03/22 12:0 a.m., 58 views

python27:2.7 security update

python2 2.7.17-2.0.2 - Fix buffer overflow in PyCArg_repr (Orabug: 32551171, CVE-2021-3177)...

9.8 CVSS, 3.4 AI score, 0.23293 EPSS
Exploits: 1
Oracle linux
added 2021/03/15 12:0 a.m., 386 views

python security update

2.7.5-90.0.3 - Fix buffer overflow in PyCArg_repr (Orabug: 32551171, CVE-2021-3177)...

9.8 CVSS, 3.2 AI score, 0.23293 EPSS
Exploits: 1
Oracle linux
added 2021/03/10 12:0 a.m., 99 views

python3 security update

3.6.8-18.0.3 - Fix buffer overflow in PyCArg_repr (Orabug: 32551171, CVE-2021-3177)...

9.8 CVSS, 3.4 AI score, 0.23293 EPSS
Exploits: 1
Oracle linux
added 2021/03/10 12:0 a.m., 55 views

python3 security update

3.6.8-31.0.3 - Fix buffer overflow in PyCArg_repr (Orabug: 32551171, CVE-2021-3177)...

9.8 CVSS, 3.4 AI score, 0.23293 EPSS
Exploits: 1
OSV
added 2021/03/05 11:2 a.m., 3 views

OESA-2021-1066 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

9.8 CVSS, 8.2 AI score, 0.23293 EPSS
Exploits: 1, References: 2