SUSE CVE-2014-3539

🗓️ 15 Feb 2023 05:28:46Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

SUSE Rope library flaw in CPython allows remote code execution via unsafe pickle.load.

Reporter	Title	Published	Views	Family All 22
CVE	CVE-2014-3539	6 Apr 201816:00	–	cve
Cvelist	CVE-2014-3539	6 Apr 201816:00	–	cvelist
Debian CVE	CVE-2014-3539	6 Apr 201816:00	–	debiancve
EUVD	EUVD-2018-0132	7 Oct 202500:30	–	euvd
Github Security Blog	Code injection in rope	26 Jul 201816:08	–	github
Mageia	Updated python-rope packages fix security vulnerabilities	1 Apr 201512:13	–	mageia
NVD	CVE-2014-3539	6 Apr 201816:29	–	nvd
Tenable Nessus	openSUSE Security Update : python-rope (openSUSE-2015-190)	5 Mar 201500:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2014-3539	24 Aug 202500:00	–	nessus
OpenVAS	Mageia: Security Advisory (MGASA-2015-0122)	28 Jan 202200:00	–	openvas

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	python-rope	0.10.2-2.2	python-rope-0.10.2-2.2.noarch.rpm
OpenSUSE Tumbleweed	–	any	python310-rope	1.12.0-1.3	python310-rope-1.12.0-1.3.noarch.rpm
OpenSUSE Tumbleweed	–	any	python311-rope	1.12.0-1.3	python311-rope-1.12.0-1.3.noarch.rpm
OpenSUSE Tumbleweed	–	any	python312-rope	1.12.0-1.3	python312-rope-1.12.0-1.3.noarch.rpm
OpenSUSE Tumbleweed	–	any	python36-rope	0.19.0-1.3	python36-rope-0.19.0-1.3.noarch.rpm
OpenSUSE Tumbleweed	–	any	python38-rope	0.19.0-1.3	python38-rope-0.19.0-1.3.noarch.rpm
OpenSUSE Tumbleweed	–	any	python39-rope	0.19.0-1.3	python39-rope-0.19.0-1.3.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2014-3539
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/916890

16 Mar 2025 12:15Current

8High risk

Vulners AI Score8

CVSS 3.19.8

EPSS0.0228

rope library unsafe pickle load remote code execution cpython unix