Python — высокоуровневый язык программирования общего назначения. Его философия дизайна делает акцент на читаемости кода.
Релизный цикл, информация об уязвимостях
График релизов
Количество 915
SUSE-SU-2020:1920-1
Security update for python-ipaddress
CVE-2020-15801
In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected.
BDU:2024-09146
Уязвимость файла python38._pth интерпретатора языка программирования Python, связанная с игнорированием ограничений sys.path, указанных в файле python38._pth, позволяющая нарушителю выполнить произвольный код
CVE-2019-20907
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
CVE-2019-20907
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ...
CVE-2019-20907
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
openSUSE-SU-2020:0940-1
Security update for python3
openSUSE-SU-2020:0931-1
Security update for python3
CVE-2020-15523
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.
CVE-2020-15523
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | SUSE-SU-2020:1920-1 Security update for python-ipaddress | 1% Низкий | больше 5 лет назад | |
 | CVE-2020-15801 In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected. | CVSS3: 8.4 | 1% Низкий | больше 5 лет назад |
 | BDU:2024-09146 Уязвимость файла python38._pth интерпретатора языка программирования Python, связанная с игнорированием ограничений sys.path, указанных в файле python38._pth, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 1% Низкий | больше 5 лет назад |
 | CVE-2019-20907 In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. | CVSS3: 7.5 | 0% Низкий | больше 5 лет назад |
| CVE-2019-20907 In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ... | CVSS3: 7.5 | 0% Низкий | больше 5 лет назад |
 | CVE-2019-20907 In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. | CVSS3: 7.5 | 0% Низкий | больше 5 лет назад |
| openSUSE-SU-2020:0940-1 Security update for python3 | 1% Низкий | больше 5 лет назад | |
| openSUSE-SU-2020:0931-1 Security update for python3 | 1% Низкий | больше 5 лет назад | |
| CVE-2020-15523 In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows. | CVSS3: 7.8 | 0% Низкий | больше 5 лет назад |
| CVE-2020-15523 In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, ... | CVSS3: 7.8 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу