Lucene search
UbuntuUSN-5519-1HistoryJul 14, 2022 - 12:00 a.m.
Python vulnerability
2022-07-1400:00:00
ubuntu.com
133
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
8.5 High
AI Score
Confidence
High
8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:C/A:P
0.001 Low
EPSS
Percentile
49.4%
Releases
- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Packages
- python2.7 - An interactive high-level object-oriented language
- python3.10 - Interactive high-level object-oriented language (version 3.10)
- python3.4 - An interactive high-level object-oriented language
- python3.5 - An interactive high-level object-oriented language
- python3.6 - An interactive high-level object-oriented language
- python3.8 - An interactive high-level object-oriented language
- python3.9 - Interactive high-level object-oriented language (version 3.9)
Details
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.04 | noarch | python3.10 | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | idle-python3.10 | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libpython3.10 | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libpython3.10-dbg | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libpython3.10-dev | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libpython3.10-minimal | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libpython3.10-stdlib | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libpython3.10-testsuite | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | python3.10-dbg | < 3.10.4-3ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | python3.10-dev | < 3.10.4-3ubuntu0.1 | UNKNOWN |
References
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2022:2344-1)
2022-07-12 00:00:00
CentOS 8 : python38:3.8 and python38-devel:3.8 (CESA-2022:7581)
2022-11-09 00:00:00
RHEL 8 : python38:3.8 and python38-devel:3.8 (RHSA-2022:7581)
2022-11-09 00:00:00
redos
redos
ROS-20230915-15
2023-09-15 00:00:00
oraclelinux
oraclelinux
python38:3.8 and python38-devel:3.8 security update
2022-11-15 00:00:00
python39:3.9 and python39-devel:3.9 security update
2022-11-15 00:00:00
python27:2.7 security update
2022-11-15 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1577)
2023-03-23 00:00:00
Fedora: Security Advisory for pypy3.9 (FEDORA-2022-17a1bb7e78)
2022-07-09 00:00:00
Fedora: Security Advisory for pypy3.8 (FEDORA-2022-b499f2a9c6)
2022-07-09 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: python3.7-3.7.13-2.fc35
2022-06-19 00:51:30
[SECURITY] Fedora 36 Update: python3-docs-3.10.5-1.fc36
2022-06-20 00:40:23
[SECURITY] Fedora 36 Update: python2.7-2.7.18-22.fc36
2022-06-20 00:41:24
rocky
rocky
python27:2.7 security update
2022-11-08 06:23:47
python39:3.9 and python39-devel:3.9 security update
2022-11-08 06:23:46
python38:3.8 and python38-devel:3.8 security update
2022-11-08 06:23:36
cbl_mariner
cbl_mariner
CVE-2015-20107 affecting package python2 2.7.18-10
2022-10-13 00:40:13
CVE-2015-20107 affecting package python3 3.9.13-3
2022-09-16 06:05:37
CVE-2015-20107 affecting package python3 3.7.13-3
2022-10-13 00:40:13
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution due to CVE-2015-20107
2022-12-01 16:39:02
debiancve
debiancve
CVE-2015-20107
2022-04-13 16:15:00
osv
osv
Moderate: python27:2.7 security update
2022-11-08 00:00:00
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-11-08 06:23:36
Moderate: python39:3.9 and python39-devel:3.9 security update
2022-11-08 06:23:46
suse
suse
Security update for python3 (important)
2022-09-01 00:00:00
Security update for python3 (important)
2022-07-12 00:00:00
Security update for python310 (important)
2022-07-06 00:00:00
cve
cve
CVE-2015-20107
2022-04-13 16:15:00
ubuntucve
ubuntucve
CVE-2015-20107
2022-04-13 00:00:00
almalinux
almalinux
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-11-08 00:00:00
Moderate: python39:3.9 and python39-devel:3.9 security update
2022-11-08 00:00:00
Moderate: python27:2.7 security update
2022-11-08 00:00:00
cloudfoundry
cloudfoundry
USN-5519-1: Python vulnerability | Cloud Foundry
2022-08-26 00:00:00
redhat
redhat
(RHSA-2022:7593) Moderate: python27:2.7 security update
2022-11-08 06:23:47
veracode
veracode
Command Injection
2022-07-15 16:59:03
prion
prion
Input validation
2022-04-13 16:15:00
alpinelinux
alpinelinux
CVE-2015-20107
2022-04-13 16:15:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0213
2022-07-15 00:00:00
Critical Photon OS Security Update - PHSA-2022-0524
2022-09-29 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0213
2022-07-15 00:00:00
mageia
mageia
Updated python packages fix security vulnerability
2022-10-13 23:05:19
Updated python3 packages fix security vulnerability
2022-10-08 23:22:22
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
8.5 High
AI Score
Confidence
High
8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:C/A:P
0.001 Low
EPSS
Percentile
49.4%
Related for USN-5519-1