exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 17

BDU:2019-00437

около 7 лет назад

Уязвимость функции make_archive модуля shutil интерпретатора языка программирования Python (CPython), позволяющая нарушителю вызвать отказ в обслуживании или получить несанкционированный доступ к информации

CVSS3: 9.8

EPSS: Средний

CVE-2018-1000802

около 7 лет назад

Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.

CVSS3: 9.8

EPSS: Средний

CVE-2018-1000802

около 7 лет назад

CVSS3: 6.5

EPSS: Средний

CVE-2018-1000802

около 7 лет назад

CVSS3: 9.8

EPSS: Средний

CVE-2018-1000802

около 7 лет назад

Python Software Foundation Python (CPython) version 2.7 contains a CWE ...

CVSS3: 9.8

EPSS: Средний

openSUSE-SU-2018:3052-1

около 7 лет назад

Security update for python

EPSS: Средний

SUSE-SU-2018:3002-1

около 7 лет назад

Security update for python

EPSS: Средний

GHSA-grfr-pqc4-fqmw

больше 3 лет назад

CVSS3: 9.8

EPSS: Средний

openSUSE-SU-2018:3703-1

почти 7 лет назад

Security update for python, python-base

EPSS: Низкий

SUSE-SU-2019:2053-2

около 6 лет назад

Security update for python3

EPSS: Низкий

SUSE-SU-2019:2053-1

около 6 лет назад

Security update for python3

EPSS: Низкий

SUSE-SU-2018:3554-2

почти 7 лет назад

Security update for python, python-base

EPSS: Низкий

SUSE-SU-2018:3554-1

около 7 лет назад

Security update for python, python-base

EPSS: Низкий

SUSE-SU-2020:0302-1

почти 6 лет назад

Security update for python36

EPSS: Низкий

openSUSE-SU-2020:0086-1

почти 6 лет назад

Security update for python3

EPSS: Низкий

SUSE-SU-2020:0114-1

почти 6 лет назад

Security update for python3

EPSS: Низкий

SUSE-SU-2020:0234-1

почти 6 лет назад

Security update for python

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2019-00437 Уязвимость функции make_archive модуля shutil интерпретатора языка программирования Python (CPython), позволяющая нарушителю вызвать отказ в обслуживании или получить несанкционированный доступ к информации	CVSS3: 9.8	23% Средний	около 7 лет назад
CVE-2018-1000802 Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.	CVSS3: 9.8	23% Средний	около 7 лет назад
CVE-2018-1000802 Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.	CVSS3: 6.5	23% Средний	около 7 лет назад
CVE-2018-1000802 Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.	CVSS3: 9.8	23% Средний	около 7 лет назад
CVE-2018-1000802 Python Software Foundation Python (CPython) version 2.7 contains a CWE ...	CVSS3: 9.8	23% Средний	около 7 лет назад
openSUSE-SU-2018:3052-1 Security update for python		23% Средний	около 7 лет назад
SUSE-SU-2018:3002-1 Security update for python		23% Средний	около 7 лет назад
GHSA-grfr-pqc4-fqmw Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.	CVSS3: 9.8	23% Средний	больше 3 лет назад
openSUSE-SU-2018:3703-1 Security update for python, python-base			почти 7 лет назад
SUSE-SU-2019:2053-2 Security update for python3			около 6 лет назад
SUSE-SU-2019:2053-1 Security update for python3			около 6 лет назад
SUSE-SU-2018:3554-2 Security update for python, python-base			почти 7 лет назад
SUSE-SU-2018:3554-1 Security update for python, python-base			около 7 лет назад
SUSE-SU-2020:0302-1 Security update for python36			почти 6 лет назад
openSUSE-SU-2020:0086-1 Security update for python3			почти 6 лет назад
SUSE-SU-2020:0114-1 Security update for python3			почти 6 лет назад
SUSE-SU-2020:0234-1 Security update for python			почти 6 лет назад

Уязвимостей на страницу