Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2017-1000158

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 17 нояб. 2017
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

ОписаниС

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
artful

not-affected

2.7.14-2ubuntu2
bionic

not-affected

devel

DNE

disco

not-affected

eoan

not-affected

esm-apps/focal

not-affected

esm-apps/jammy

not-affected

esm-infra-legacy/trusty

not-affected

2.7.6-8ubuntu0.4
esm-infra/bionic

not-affected

esm-infra/xenial

not-affected

2.7.12-1ubuntu0~16.04.2

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
artful

DNE

bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

3.4.3-1ubuntu1~14.04.6
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
artful

DNE

bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

not-affected

3.5.2-2ubuntu0~16.04.4~14.04.1
esm-infra/focal

DNE

esm-infra/xenial

not-affected

3.5.2-2ubuntu0~16.04.4
focal

DNE

groovy

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
artful

not-affected

code not present
bionic

not-affected

code not present
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code not present
esm-infra/focal

DNE

focal

DNE

groovy

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
artful

not-affected

code not present
bionic

not-affected

code not present
devel

DNE

disco

not-affected

code not present
eoan

not-affected

code not present
esm-apps/bionic

not-affected

code not present
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 85%
0.02492
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2017-1000158

CVSS3: 8.1
redhat
ΠΎΠΊΠΎΠ»ΠΎ 8 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2017-1000158

CVSS3: 9.8
nvd
большС 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2017-1000158

CVSS3: 9.8
debian
большС 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow ...

suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2018:0768-1

suse-cvrf
ΠΎΠΊΠΎΠ»ΠΎ 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for python

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-r68f-4xcm-3xr6

CVSS3: 9.8
github
ΠΎΠΊΠΎΠ»ΠΎ 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 85%
0.02492
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2017-1000158