Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:3780

Опубликовано: 24 июн. 2023
Источник: rocky
Оценка: Important

Описание

Important: python27:2.7 security update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.

Security Fix(es):

  • python: urllib.parse url blocklisting bypass (CVE-2023-24329)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
babelnoarch10.module+el8.5.0+706+735ec4b3babel-2.5.1-10.module+el8.5.0+706+735ec4b3.noarch.rpm
python2-attrsnoarch10.module+el8.5.0+706+735ec4b3python2-attrs-17.4.0-10.module+el8.5.0+706+735ec4b3.noarch.rpm
python2-babelnoarch10.module+el8.5.0+706+735ec4b3python2-babel-2.5.1-10.module+el8.5.0+706+735ec4b3.noarch.rpm
python2-backportsx86_6416.module+el8.4.0+403+9ae17a31python2-backports-1.0-16.module+el8.4.0+403+9ae17a31.x86_64.rpm
python2-backports-ssl_match_hostnamenoarch12.module+el8.4.0+403+9ae17a31python2-backports-ssl_match_hostname-3.5.0.1-12.module+el8.4.0+403+9ae17a31.noarch.rpm
python2-chardetnoarch10.module+el8.5.0+706+735ec4b3python2-chardet-3.0.4-10.module+el8.5.0+706+735ec4b3.noarch.rpm
python2-coveragex86_644.module+el8.5.0+706+735ec4b3python2-coverage-4.5.1-4.module+el8.5.0+706+735ec4b3.x86_64.rpm
python2-Cythonx86_647.module+el8.5.0+706+735ec4b3python2-Cython-0.28.1-7.module+el8.5.0+706+735ec4b3.x86_64.rpm
python2-dnsnoarch10.module+el8.7.0+1062+663ba31cpython2-dns-1.15.0-10.module+el8.7.0+1062+663ba31c.noarch.rpm
python2-docsnoarch2.module+el8.4.0+403+9ae17a31python2-docs-2.7.16-2.module+el8.4.0+403+9ae17a31.noarch.rpm

Показывать по

Связанные CVE

CVE-2023-24329

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-24329

CVSS3: 7.5
ubuntu
почти 3 года назад

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

redhat логотип

CVE-2023-24329

CVSS3: 7.5
redhat
почти 3 года назад

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

nvd логотип

CVE-2023-24329

CVSS3: 7.5
nvd
почти 3 года назад

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

msrc логотип

CVE-2023-24329

CVSS3: 7.5
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2023-24329

CVSS3: 7.5
debian
почти 3 года назад

An issue in the urllib.parse component of Python before 3.11.4 allows ...