CVE-2024-39205

An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request...

PT-2024-7641 · Python +2 · Python +2

Name of the Vulnerable Software and Affected Versions: pyload-ng version 0.5.0b3.dev85 pyload running under python3.11 or below Description: The issue is related to insufficient input validation in the pyload software, allowing a remote attacker to execute arbitrary code by sending a specially...

AZL-47860 CVE-2024-7592 affecting package python3 for versions less than 3.9.19-4

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resourc...

AZL-6828 CVE-2007-4559 affecting package python3 for versions less than 3.9.19-1

Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...