Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-5636

Опубликовано: 02 сент. 2016
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 10
CVSS3: 9.8

Описание

Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.

РелизСтатусПримечание
bionic

not-affected

2.7.12-3
devel

DNE

disco

not-affected

2.7.12-3
eoan

not-affected

2.7.12-3
esm-apps/focal

not-affected

2.7.12-3
esm-apps/jammy

not-affected

2.7.12-3
esm-infra-legacy/trusty

not-affected

2.7.6-8ubuntu0.3
esm-infra/bionic

not-affected

2.7.12-3
esm-infra/xenial

not-affected

2.7.12-1ubuntu0~16.04.1
focal

not-affected

2.7.12-3

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

3.4.3-1ubuntu1~14.04.5
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

3.5.2-2ubuntu0~16.04.4~14.04.1
esm-infra/focal

DNE

esm-infra/xenial

not-affected

3.5.2-2ubuntu0~16.04.1
focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 97%
0.44712
Средний

10 Critical

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-5636

CVSS3: 4.5
redhat
больше 9 лет назад

Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.

nvd логотип

CVE-2016-5636

CVSS3: 9.8
nvd
почти 9 лет назад

Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.

debian логотип

CVE-2016-5636

CVSS3: 9.8
debian
почти 9 лет назад

Integer overflow in the get_data function in zipimport.c in CPython (a ...

github логотип

GHSA-f5qq-9gj3-v9hw

CVSS3: 9.8
github
около 3 лет назад

Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.

oracle-oval логотип

ELSA-2016-2586

oracle-oval
больше 8 лет назад

ELSA-2016-2586: python security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 97%
0.44712
Средний

10 Critical

CVSS2

9.8 Critical

CVSS3

Уязвимость CVE-2016-5636