8 matches found
MiracleLinux 7 : python-2.7.5-88.0.1.el7.AXS7 (AXSA:2020-4713:15)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4713:15 advisory. python: Cookie domain check returns incorrect results (CVE-2018-20852); python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056)...
Advisory ROSA-SA-2023-2203
Software: python 2.7.5; OS: rosa-server79; packageevrstring: python-2.7.5-93.res7; CVE-ID: CVE-2023-24329; BDU-ID: None; CVE-Crit: HIGH; CVE-DESC.: A problem in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blacklisting methods by providing a URL that starts with empty...
Directory traversal
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
python security and bug fix update
2.7.5-86.0.1 - Add Oracle Linux distribution in platform.py, orabug 20812544; 2.7.5-86 - Security fix for CVE-2019-10160, Resolves: rhbz1718388; 2.7.5-85 - Security fix for CVE-2019-9948, Resolves: rhbz1704174; 2.7.5-84 - Disallow control chars in http URLs - Fixes CVE-2019-9740 and CVE-2019-9947...
GetHead - HTTP Header Analysis Vulnerability Tool
gethead.py is a Python HTTP Header Analysis Vulnerability Tool. It identifies security vulnerabilities and the lack of protection in HTTP Headers. Usage: $ python gethead.py http://domain.com. Changelog: Version 0.1 - Initial Release; Written in Python 2.7.5; Performs HTTP Header Analysis; Reports...
Fedora 20 : python-2.7.5-16.fc20 (2015-6010)
Security fix for CVE-2013-1752: multiple unbound readline DoS flaws in python stdlib. The following fixes, which all relate to this CVE, are in this patch: - ftplib: Limit amount of data read by limiting the call to readline. 16038 - imaplib: limit line length in imaplib readline calls. 16039 - nntplib...
CVE-2014-4650
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as...
Fedora 20 : python-2.7.5-10.fc20 (2014-2394)
Buffer overflow fix. See upstream issue: http://bugs.python.org/issue20246 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducin...