USN-5342-1: Python vulnerabilities

🗓️ 28 Mar 2022 09:39:26Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 151 Views

Python vulnerabilities in Ubunt

Reporter	Title	Published	Views	Family All 533
IBM Security Bulletins	Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities (CVE-2022-0391)	1 Jun 202210:29	–	ibm
IBM Security Bulletins	Security Bulletin: Python (Publicly disclosed vulnerability) in IBM Tivoli Application Dependency Discovery Manager (CVE-2022-0391)	18 Nov 202212:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Netezza for Cloud Pak for Data is vulnerable to injection attack due to urllib package in Python3 (CVE-2022-0391)	9 Aug 202205:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2022-34339, CVE-2021-3712, CVE-2021-3711, CVE-2021-4160, CVE-2021-29425, CVE-2021-3733, CVE-2021-3737, CVE-2022-0391, CVE-2021-43138, CVE-2022-24758)	26 Mar 202502:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	6 Jul 202318:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	16 Jun 202315:20	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Celery, Golang Go, and Python affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift	12 Mar 202203:21	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in the Linux Kernel, Docker, Python, and NGINX affect IBM Spectrum Protect Plus	10 Dec 202118:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Verify Access Appliance includes components with known vulnerabilities (CVE-2022-29154, CVE-2022-0391)	3 Apr 202321:42	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Python affects IBM Elastic Storage System (CVE-2022-0391)	15 Dec 202209:21	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	16.04	any	idle-python2.7	2.7.12-1ubuntu0~16.04.18+esm1	idle-python2.7_2.7.12-1ubuntu0~16.04.18+esm1_any.deb
Ubuntu	14.04	any	idle-python3.4	3.4.3-1ubuntu1~14.04.7+esm12	idle-python3.4_3.4.3-1ubuntu1~14.04.7+esm12_any.deb
Ubuntu	16.04	any	idle-python3.5	3.5.2-2ubuntu0~16.04.13+esm2	idle-python3.5_3.5.2-2ubuntu0~16.04.13+esm2_any.deb
Ubuntu	16.04	any	libpython2.7	2.7.12-1ubuntu0~16.04.18+esm1	libpython2.7_2.7.12-1ubuntu0~16.04.18+esm1_any.deb
Ubuntu	16.04	any	libpython2.7-dev	2.7.12-1ubuntu0~16.04.18+esm1	libpython2.7-dev_2.7.12-1ubuntu0~16.04.18+esm1_any.deb
Ubuntu	16.04	any	libpython2.7-minimal	2.7.12-1ubuntu0~16.04.18+esm1	libpython2.7-minimal_2.7.12-1ubuntu0~16.04.18+esm1_any.deb
Ubuntu	16.04	any	libpython2.7-stdlib	2.7.12-1ubuntu0~16.04.18+esm1	libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.18+esm1_any.deb
Ubuntu	16.04	any	libpython2.7-testsuite	2.7.12-1ubuntu0~16.04.18+esm1	libpython2.7-testsuite_2.7.12-1ubuntu0~16.04.18+esm1_any.deb
Ubuntu	14.04	any	libpython3.4	3.4.3-1ubuntu1~14.04.7+esm12	libpython3.4_3.4.3-1ubuntu1~14.04.7+esm12_any.deb
Ubuntu	14.04	any	libpython3.4-dev	3.4.3-1ubuntu1~14.04.7+esm12	libpython3.4-dev_3.4.3-1ubuntu1~14.04.7+esm12_any.deb

28 Mar 2022 09:39Current

7.8High risk

Vulners AI Score7.8

CVSS 25

CVSS 3.17.5

EPSS0.01214

SSVC

ubuntu 20.04 lts ubuntu 18.04 esm ubuntu 16.04 esm ubuntu 14.04 esm python2.7 python3.4 python3.5 python3.6 python3.8 sensitive information exposure ftp requests arbitrary code execution cve-2021-3426 cve-2021-4189 cve-2022-0391