Python — высокоуровневый язык программирования общего назначения. Его философия дизайна делает акцент на читаемости кода.
Релизный цикл, информация об уязвимостях
График релизов
Количество 915
GHSA-wvcr-2gc8-63gg
In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments).
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add ...
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
BDU:2022-03962
Уязвимость модуля mailcap интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольную команду
SUSE-SU-2022:1062-1
Security update for zlib
SUSE-SU-2022:14929-1
Security update for zlib
SUSE-SU-2022:1061-1
Security update for zlib
openSUSE-SU-2022:1061-1
Security update for zlib
SUSE-SU-2022:1043-1
Security update for zlib
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-wvcr-2gc8-63gg In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). | CVSS3: 9.8 | 1% Низкий | почти 4 года назад |
 | CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | почти 4 года назад |
| CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add ... | CVSS3: 7.6 | 1% Низкий | почти 4 года назад |
 | CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | почти 4 года назад |
 | BDU:2022-03962 Уязвимость модуля mailcap интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольную команду | CVSS3: 9.8 | 1% Низкий | почти 4 года назад |
 | SUSE-SU-2022:1062-1 Security update for zlib | 0% Низкий | почти 4 года назад | |
| SUSE-SU-2022:14929-1 Security update for zlib | 0% Низкий | почти 4 года назад | |
| SUSE-SU-2022:1061-1 Security update for zlib | 0% Низкий | почти 4 года назад | |
| openSUSE-SU-2022:1061-1 Security update for zlib | 0% Низкий | почти 4 года назад | |
| SUSE-SU-2022:1043-1 Security update for zlib | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу