Python — высокоуровневый язык программирования общего назначения. Его философия дизайна делает акцент на читаемости кода.
Релизный цикл, информация об уязвимостях
График релизов
Количество 887
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractal ...
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
BDU:2022-05975
Уязвимость функций extract и extractall модуля tarfile интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольный код
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
CVE-2007-2052
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
CVE-2007-2052
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemo ...
CVE-2007-2052
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
CVE-2007-2052
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.
CVE-2007-1657
Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument.
CVE-2007-1657
Stack-based buffer overflow in the file_compress function in minigzip ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2007-4559 Directory traversal vulnerability in the (1) extract and (2) extractal ... | CVSS3: 9.8 | 89% Высокий | около 18 лет назад |
 | CVE-2007-4559 Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. | CVSS3: 9.8 | 89% Высокий | около 18 лет назад |
 | BDU:2022-05975 Уязвимость функций extract и extractall модуля tarfile интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольный код | CVSS3: 7.3 | 89% Высокий | около 18 лет назад |
 | CVE-2007-4559 Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. | CVSS3: 5.5 | 89% Высокий | около 18 лет назад |
 | CVE-2007-2052 Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination. | CVSS2: 5 | 13% Средний | больше 18 лет назад |
| CVE-2007-2052 Off-by-one error in the PyLocale_strxfrm function in Modules/_localemo ... | CVSS2: 5 | 13% Средний | больше 18 лет назад |
| CVE-2007-2052 Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination. | CVSS2: 5 | 13% Средний | больше 18 лет назад |
| CVE-2007-2052 Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination. | 13% Средний | больше 18 лет назад | |
| CVE-2007-1657 Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument. | CVSS2: 7.5 | 4% Низкий | больше 18 лет назад |
| CVE-2007-1657 Stack-based buffer overflow in the file_compress function in minigzip ... | CVSS2: 7.5 | 4% Низкий | больше 18 лет назад |
Уязвимостей на страницу