Ubuntu 18.04 LTS / 20.04 LTS : Python vulnerabilities (USN-4754-3)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4754-3 advisory. USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 and Ubuntu 20.04. In the case of...

USN-4754-3: Python vulnerabilities

USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 and Ubuntu 20.04. In the case of Python 2.7 for 20.04, these additional fixes are included: It was dicovered that Python allowed remote attackers to cause a denial of service resource...

Vulnerabilities fixed in Python

Vulnerabilities have been fixed in Python. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Python developers have indicated that the vulnerability with...

Fedora 32 : python27 (2021-17668e344a)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-17668e344a advisory. - Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python...

Python: Multiple vulnerabilities

Background Python is an interpreted, interactive, object-oriented programming language. Description Multiple vulnerabilities have been discovered in Python. Please review the bugs referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of t...

Oracle Linux 8 : python3 (ELSA-2020-4433)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4433 advisory. - Avoid infinite loop when reading specially crafted TAR files CVE-2019-20907 Resolves: rhbz1856481 - Resolve hash collisions for Pv4Interface and...

Security Bulletin: IBM Security Guardium is affected by Python vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-9948 DESCRIPTION: Python could allow a remote attacker to bypass security restrictions, caused by improper input validation by the urllib. By sending a specially-crafted request, an...

OPENSUSE-SU-2020:1257-1 Security update for python

This update for python fixes the following issues: - CVE-2019-20907: Avoid a possible infinite loop caused by specifically crafted tarballs bsc1174091. This update was imported from the SUSE:SLE-15:Update update project...

USN-4428-1 python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities

It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2019-17514 It was discovered that...

Security Bulletin: Vulnerabilities in Python affect IBM SmartCloud Entry (CVE-2016-0772 CVE-2016-5699 CVE-2016-1000110)

Summary IBM SmartCloud Entry is vulnerable to Python vulnerabilities. Attackers could exploit these vulnerabilities to strip out the STARTTLS command without generating an exception on the python SMTP client application and prevent the establishment of the TLS layer, inject arbitrary HTTP headers...

Security Bulletin: Python vulnerabilities affect IBM SmartCloud Entry (CVE-2013-1752 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185)

Summary IBM SmartCloud Entry is vulnerable to several Python vulnerabilities. Remote Attackers can exploit them to execute arbitrary code or obtain sensetive information. Vulnerability Details CVEID: CVE-2013-1752 DESCRIPTION: Python SSL module is vulnerable to denial of service, caused by an...

PT-2021-3603 · Python +9 · Python +9

Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.8.9 Python versions prior to 3.9.3 Python versions prior to 3.10.0a7 Description: The issue is related to a flaw in Python 3's pydoc, which could allow a local or adjacent attacker to access sensitive information...

USN-4333-1: Python vulnerabilities

It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. CVE-2019-18348 It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denia...

USN-4333-1 python2.7, python3.4, python3.5, python3.6, python3.7 vulnerabilities

It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. CVE-2019-18348 It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denia...

RHEL 7 : python3 (RHSA-2020:1132)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1132 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

GLSA-202003-26 : Python: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-26 Python: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly perform a CRLF injection...

SUSE-SU-2020:0510-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation, warning about dangers of zip-bombs bsc1162825. - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python Multiple Vulnerabilities (NS-SA-2019-0229)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python packages installed that are affected by multiple vulnerabilities: - An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509...

SUSE-SU-2019:3068-1 Security update for ardana-db, ardana-keystone, ardana-neutron, ardana-nova, crowbar-core, crowbar-openstack, crowbar-ui, openstack-barbican, openstack-heat-templates, openstack-keystone, openstack-neutron, openstack-neutron-gbp, openstack-neutron-lbaas, openstack-nova, openstack-octavia, openstack-sahara, python-psutil, release-notes-suse-openstack-cloud

This update for ardana-db, ardana-keystone, ardana-neutron, ardana-nova, crowbar-core, crowbar-openstack, crowbar-ui, openstack-barbican, openstack-heat-templates, openstack-keystone, openstack-neutron, openstack-neutron-gbp, openstack-neutron-lbaas, openstack-nova, openstack-octavia,...

OPENSUSE-SU-2019:2389-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2019-9947: Fixed an insufficient validation of URL paths with embedded whitespace or control characters that could allow HTTP header injections. bsc1130840 - CVE-2019-16056: Fixed a parser issue in the email module...