Логотип exploitDog
product: "python"
Консоль
Логотип exploitDog

exploitDog

product: "python"

Количество 879

Количество 879

github логотип

GHSA-4jhg-wfq8-3vgm

около 3 лет назад

Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory.

EPSS: Низкий
github логотип

GHSA-4j9r-82g6-9mj3

почти 2 года назад

An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-482h-xg25-ghqh

больше 3 лет назад

Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."

EPSS: Низкий
github логотип

GHSA-46cx-9569-w574

около 3 лет назад

Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.

EPSS: Средний
github логотип

GHSA-3qjm-23v2-9v26

около 3 лет назад

** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.

CVSS3: 8.8
EPSS: Низкий
github логотип

GHSA-3hc2-c7c2-f785

больше 3 лет назад

Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

EPSS: Средний
github логотип

GHSA-36jr-8w83-wr8q

9 месяцев назад

Visual Studio Code Python Extension Remote Code Execution Vulnerability

CVSS3: 8.8
EPSS: Низкий
github логотип

GHSA-2j46-98gf-6xf6

около 3 лет назад

Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.

EPSS: Низкий
github логотип

GHSA-24p8-x4mp-cq86

около 3 лет назад

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.

CVSS3: 9.1
EPSS: Низкий
nvd логотип

CVE-2025-49714

29 дней назад

Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.

CVSS3: 7.8
EPSS: Низкий
ubuntu логотип

CVE-2024-9287

10 месяцев назад

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.

CVSS3: 7.8
EPSS: Низкий
redhat логотип

CVE-2024-9287

10 месяцев назад

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.

CVSS3: 6.3
EPSS: Низкий
nvd логотип

CVE-2024-9287

10 месяцев назад

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.

CVSS3: 7.8
EPSS: Низкий
debian логотип

CVE-2024-9287

10 месяцев назад

A vulnerability has been found in the CPython `venv` module and CLI wh ...

CVSS3: 7.8
EPSS: Низкий
ubuntu логотип

CVE-2024-7592

12 месяцев назад

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

CVSS3: 7.5
EPSS: Низкий
redhat логотип

CVE-2024-7592

12 месяцев назад

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

CVSS3: 4.8
EPSS: Низкий
nvd логотип

CVE-2024-7592

12 месяцев назад

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

CVSS3: 7.5
EPSS: Низкий
debian логотип

CVE-2024-7592

12 месяцев назад

There is a LOW severity vulnerability affecting CPython, specifically ...

CVSS3: 7.5
EPSS: Низкий
ubuntu логотип

CVE-2024-6232

11 месяцев назад

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.

CVSS3: 7.5
EPSS: Низкий
redhat логотип

CVE-2024-6232

11 месяцев назад

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.

CVSS3: 7.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
github логотип
GHSA-4jhg-wfq8-3vgm

Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory.

0%
Низкий
около 3 лет назад
github логотип
GHSA-4j9r-82g6-9mj3

An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)

CVSS3: 5.3
0%
Низкий
почти 2 года назад
github логотип
GHSA-482h-xg25-ghqh

Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."

2%
Низкий
больше 3 лет назад
github логотип
GHSA-46cx-9569-w574

Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.

22%
Средний
около 3 лет назад
github логотип
GHSA-3qjm-23v2-9v26

** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.

CVSS3: 8.8
1%
Низкий
около 3 лет назад
github логотип
GHSA-3hc2-c7c2-f785

Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

35%
Средний
больше 3 лет назад
github логотип
GHSA-36jr-8w83-wr8q

Visual Studio Code Python Extension Remote Code Execution Vulnerability

CVSS3: 8.8
4%
Низкий
9 месяцев назад
github логотип
GHSA-2j46-98gf-6xf6

Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.

0%
Низкий
около 3 лет назад
github логотип
GHSA-24p8-x4mp-cq86

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.

CVSS3: 9.1
1%
Низкий
около 3 лет назад
nvd логотип
CVE-2025-49714

Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.

CVSS3: 7.8
0%
Низкий
29 дней назад
ubuntu логотип
CVE-2024-9287

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.

CVSS3: 7.8
0%
Низкий
10 месяцев назад
redhat логотип
CVE-2024-9287

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.

CVSS3: 6.3
0%
Низкий
10 месяцев назад
nvd логотип
CVE-2024-9287

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.

CVSS3: 7.8
0%
Низкий
10 месяцев назад
debian логотип
CVE-2024-9287

A vulnerability has been found in the CPython `venv` module and CLI wh ...

CVSS3: 7.8
0%
Низкий
10 месяцев назад
ubuntu логотип
CVE-2024-7592

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

CVSS3: 7.5
0%
Низкий
12 месяцев назад
redhat логотип
CVE-2024-7592

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

CVSS3: 4.8
0%
Низкий
12 месяцев назад
nvd логотип
CVE-2024-7592

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.

CVSS3: 7.5
0%
Низкий
12 месяцев назад
debian логотип
CVE-2024-7592

There is a LOW severity vulnerability affecting CPython, specifically ...

CVSS3: 7.5
0%
Низкий
12 месяцев назад
ubuntu логотип
CVE-2024-6232

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.

CVSS3: 7.5
2%
Низкий
11 месяцев назад
redhat логотип
CVE-2024-6232

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.

CVSS3: 7.5
2%
Низкий
11 месяцев назад

Уязвимостей на страницу