Количество 28
Количество 28
BDU:2022-03962
Уязвимость модуля mailcap интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольную команду
ROS-20230915-15
Уязвимость mailcap
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2015-20107
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add ...
SUSE-SU-2022:2357-1
Security update for python3
SUSE-SU-2022:2344-1
Security update for python
SUSE-SU-2022:2291-1
Security update for python310
SUSE-SU-2022:2249-1
Security update for python
SUSE-SU-2022:2248-1
Security update for python
SUSE-SU-2022:2174-1
Security update for python39
SUSE-SU-2022:2166-1
Security update for python3
SUSE-SU-2022:2147-1
Security update for python36
RLSA-2022:7593
Moderate: python27:2.7 security update
RLSA-2022:7592
Moderate: python39:3.9 and python39-devel:3.9 security update
RLSA-2022:7581
Moderate: python38:3.8 and python38-devel:3.8 security update
GHSA-wvcr-2gc8-63gg
In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments).
ELSA-2022-7593
ELSA-2022-7593: python27:2.7 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-03962 Уязвимость модуля mailcap интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольную команду | CVSS3: 9.8 | 1% Низкий | около 3 лет назад |
 | ROS-20230915-15 Уязвимость mailcap | CVSS3: 9.8 | 1% Низкий | почти 2 года назад |
 | CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | около 3 лет назад |
 | CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | почти 10 лет назад |
 | CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | около 3 лет назад |
 | CVSS3: 7.6 | 1% Низкий | около 3 лет назад | |
| CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add ... | CVSS3: 7.6 | 1% Низкий | около 3 лет назад |
 | SUSE-SU-2022:2357-1 Security update for python3 | 1% Низкий | почти 3 года назад | |
| SUSE-SU-2022:2344-1 Security update for python | 1% Низкий | почти 3 года назад | |
| SUSE-SU-2022:2291-1 Security update for python310 | 1% Низкий | почти 3 года назад | |
| SUSE-SU-2022:2249-1 Security update for python | 1% Низкий | почти 3 года назад | |
| SUSE-SU-2022:2248-1 Security update for python | 1% Низкий | почти 3 года назад | |
| SUSE-SU-2022:2174-1 Security update for python39 | 1% Низкий | почти 3 года назад | |
| SUSE-SU-2022:2166-1 Security update for python3 | 1% Низкий | почти 3 года назад | |
| SUSE-SU-2022:2147-1 Security update for python36 | 1% Низкий | почти 3 года назад | |
 | RLSA-2022:7593 Moderate: python27:2.7 security update | 1% Низкий | больше 2 лет назад | |
| RLSA-2022:7592 Moderate: python39:3.9 and python39-devel:3.9 security update | 1% Низкий | больше 2 лет назад | |
| RLSA-2022:7581 Moderate: python38:3.8 and python38-devel:3.8 security update | 1% Низкий | больше 2 лет назад | |
| GHSA-wvcr-2gc8-63gg In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). | CVSS3: 9.8 | 1% Низкий | около 3 лет назад |
| ELSA-2022-7593 ELSA-2022-7593: python27:2.7 security update (MODERATE) | больше 2 лет назад |
Уязвимостей на страницу