Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3177

Опубликовано: 19 янв. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

Описание

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

РелизСтатусПримечание
bionic

released

2.7.17-1~18.04ubuntu1.6
devel

DNE

esm-apps/focal

released

2.7.18-1~20.04.1
esm-apps/jammy

not-affected

2.7.18-4
esm-infra-legacy/trusty

not-affected

2.7.6-8ubuntu0.6+esm10
esm-infra/bionic

not-affected

2.7.17-1~18.04ubuntu1.6
esm-infra/xenial

not-affected

2.7.12-1ubuntu0~16.04.18
focal

released

2.7.18-1~20.04.1
groovy

ignored

end of life
hirsute

not-affected

2.7.18-4

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

3.4.3-1ubuntu1~14.04.7+esm10
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

3.5.2-2ubuntu0~16.04.4~14.04.1+esm1
esm-infra/focal

DNE

esm-infra/xenial

not-affected

3.5.2-2ubuntu0~16.04.13
focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.6.9-1~18.04ubuntu1.4
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

3.6.9-1~18.04ubuntu1.4
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.7.5-2~18.04.4
devel

DNE

esm-apps/bionic

released

3.7.5-2~18.04.4
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.8.0-3~18.04.1
devel

DNE

esm-apps/bionic

released

3.8.0-3~18.04.1
esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

3.8.5-1~20.04.2
focal

released

3.8.5-1~20.04.2
groovy

released

3.8.6-1ubuntu0.2
hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/focal

released

3.9.5-3~20.04.1
esm-infra-legacy/trusty

DNE

focal

released

3.9.5-3~20.04.1
groovy

released

3.9.5-3~20.10.1
hirsute

not-affected

3.9.1-3
impish

not-affected

3.9.1-3
jammy

DNE

kinetic

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 8%
0.00032
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3177

CVSS3: 5.9
redhat
больше 4 лет назад

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

nvd логотип

CVE-2021-3177

CVSS3: 9.8
nvd
больше 4 лет назад

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

msrc логотип

CVE-2021-3177

CVSS3: 9.8
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-3177

CVSS3: 9.8
debian
больше 4 лет назад

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctyp ...

github логотип

GHSA-hc96-xw56-vfwh

CVSS3: 9.8
github
около 3 лет назад

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

EPSS

Процентиль: 8%
0.00032
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3