57 matches found
K15638: Python vulnerability CVE-2013-4238
Security Advisory Description The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL server...
SUSE CVE-2013-4238
The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...
Plone Unauthorized Access Vulnerability
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
GHSA-QC57-H2F7-P4HX Plone Unauthorized Access Vulnerability
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
Uncompyle6 - A Cross-Version Python Bytecode Decompiler
A native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2. Introduction uncompyle6 translates Python bytecode back into equivalent Python source code. It accepts bytecodes from Python version 1.3 to version 3.8, spanning over 24 years ...
SUSE-RU-2019:1703-1 Security update for SUSE Manager Server 3.2
This update fixes the following issues: cobbler: - Removes string replace for textmode fix bsc1134195 py26-compat-salt: - Avoid syntax error on yumpkg module running on Python 2.6 bsc1136250 - Use ThreadPool from multiprocessing.pool to avoid leakins when calculating FQDNs - Fix usermod options f...
Man-in-the-Middle (MitM)
python is vulnerable to man-in-the-middle MitM attacks. The vulnerability exists as the ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a \0 character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows...
[SECURITY] Fedora 29 Update: python26-2.6.9-17.fc29
Python 2.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 2.6, see other distributions that support it, such as CentOS or RHEL 6...
[SECURITY] Fedora 28 Update: python26-2.6.9-17.fc28
Python 2.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 2.6, see other distributions that support it, such as CentOS or RHEL 6...
[SECURITY] Fedora 27 Update: python26-2.6.9-17.fc27
Python 2.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 2.6, see other distributions that support it, such as CentOS or RHEL 6...
CVE-2017-1000483
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
Sandbox Escape
AccessControl is vulnerable to sandbox escapes. Attackers can use the str.format function through web templates to access private content. Note: this is only relevant for projects using Python 2.6 or greater...
Format string
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
CVE-2017-1000483
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
CVE-2017-1000483
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
PYSEC-2018-72
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
CVE-2017-1000483
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5...
[SECURITY] Fedora 26 Update: python26-2.6.9-7.fc26
Python 2.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 2.6, see other distributions that support it, such as CentOS or RHEL 6...
[SECURITY] Fedora 27 Update: python26-2.6.9-10.fc27
Python 2.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 2.6, see other distributions that support it, such as CentOS or RHEL 6...
Debian DLA-1190-1 : python2.6 security update
A minor security vulnerability has been discovered in Python 2.7, an interactive high-level object-oriented language. CVE-2017-1000158 CPython the reference implementation of Python also commonly known as simply Python versions 2.6 and 2.7 are vulnerable to an integer overflow and heap corruption...