Python — высокоуровневый язык программирования общего назначения. Его философия дизайна делает акцент на читаемости кода.
Релизный цикл, информация об уязвимостях
График релизов
Количество 870
CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5 ...
CVE-2008-2315
Multiple integer overflows in Python 2.5.2 and earlier allow context-d ...
CVE-2008-3144
Multiple integer overflows in the PyOS_vsnprintf function in Python/my ...
CVE-2008-3143
Multiple integer overflows in Python before 2.5.2 might allow context- ...
CVE-2008-3142
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platfor ...
CVE-2008-3144
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error.
CVE-2008-3143
Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google."
CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
CVE-2008-2315
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.
CVE-2008-3142
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2008-2316 Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5 ... | CVSS2: 7.5 | 2% Низкий | почти 17 лет назад |
| CVE-2008-2315 Multiple integer overflows in Python 2.5.2 and earlier allow context-d ... | CVSS2: 7.5 | 1% Низкий | почти 17 лет назад |
| CVE-2008-3144 Multiple integer overflows in the PyOS_vsnprintf function in Python/my ... | CVSS2: 5 | 3% Низкий | почти 17 лет назад |
| CVE-2008-3143 Multiple integer overflows in Python before 2.5.2 might allow context- ... | CVSS2: 7.5 | 1% Низкий | почти 17 лет назад |
| CVE-2008-3142 Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platfor ... | CVSS2: 7.5 | 1% Низкий | почти 17 лет назад |
 | CVE-2008-3144 Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error. | CVSS2: 5 | 3% Низкий | почти 17 лет назад |
| CVE-2008-3143 Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google." | CVSS2: 7.5 | 1% Низкий | почти 17 лет назад |
| CVE-2008-2316 Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB." | CVSS2: 7.5 | 2% Низкий | почти 17 лет назад |
| CVE-2008-2315 Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. | CVSS2: 7.5 | 1% Низкий | почти 17 лет назад |
| CVE-2008-3142 Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | CVSS2: 7.5 | 1% Низкий | почти 17 лет назад |
Уязвимостей на страницу