Amazon Linux AMI : python27, python35, python36 (ALAS-2020-1342)

The version of python27 installed on the remote host is prior to 2.7.16-1.131. The version of python35 installed on the remote host is prior to 3.5.7-1.25. The version of python36 installed on the remote host is prior to 3.6.10-1.16. It is, therefore, affected by a vulnerability as referenced in...

RHEL 8 : python27:2.7 (RHSA-2019:3335)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3335 advisory. Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic...

Moderate: Red Hat Security Advisory: python27:2.7 security and bug fix update

An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

python27:2.7 security and bug fix update

An update is available for python-pymongo, python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-docs, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet, python-markupsafe,...

CVE-2019-13404

The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. This also affects old 3.x releases before 3.5. NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27...

Directory traversal

DISPUTED The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. This also affects old 3.x releases before 3.5. NOTE: the vendor's position is that it is the user's responsibility to ensure...

CVE-2019-13404

The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. This also affects old 3.x releases before 3.5. NOTE: the vendor's position is that it is the user's responsibility to ensure C:\Python27...

Important: Red Hat Security Advisory: python27-python and python27-python-jinja2 security and bug fix update

An update for python27-python and python27-python-jinja2 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: python27:2.7 security update

An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

python27:2.7 security update

An update is available for python2-rpm-macros, python-docutils, pytest, python-psycopg2, python-PyMySQL, python-lxml, PyYAML, python-pytest-mock, python-attrs, python-jinja2, python-mock, python-ipaddress, python-funcsigs, python-py, python-chardet, python-markupsafe, python-pluggy,...

RLSA-2019:0981 Important: python27:2.7 security update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. SQLAlchemy is an Object Relational Mapper ORM that provides a flexible, high-level interface to SQL databases. Security Fixes:...

Improper Input Validation

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provide a stable release of Python 2.7 with a number of additional utilities and database connectors f...

Improper Input Validation

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 collection provide a stable release of Python 2.7 with a number of additional utilities and database connectors f...

Amazon Linux AMI : python27 / python34,python35,python36 (ALAS-2019-1169)

A NULL pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enables SSL/TLS certificate validation and accep...

Man-in-the-Middle (MitM)

python27-python is vulnerable to man-in-the-middle MitM attacks. The vulnerability exists as the HTTP clients in the 1 httplib, 2 urllib, 3 urllib2, and 4 xmlrpclib libraries in CPython aka Python 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not a check the certificate...

Amazon Linux AMI : python27 (ALAS-2018-1108)

A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service.CVE-2018-1060 A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK method. An attacke...

Medium: python27

Issue Overview: A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service.CVE-2018-1060 A flaw was found in the way catastrophic backtracking was implemented in python's difflib.ISLINEJUNK...

Medium: python34, python35, python36, python27

Issue Overview: DOS via regular expression catastrophic backtracking in apop method in pop3lib A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service. CVE-2018-1060 DOS via regular...

Amazon Linux AMI : python27 (ALAS-2018-945)

Integer overflow in PyStringDecodeEscape results in heap-base buffer overflow CPython aka Python is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-based buffer overflow and possible arbitrary code execution CVE-2017-1000158 C Tenable...

Medium: python27

Issue Overview: Integer overflow in PyStringDecodeEscape results in heap-base buffer overflow CPython aka Python is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-based buffer overflow and possible arbitrary code execution...