exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 27

CVE-2014-4650

почти 11 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.

CVSS2: 5

EPSS: Средний

CVE-2014-4650

больше 5 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.

CVSS3: 9.8

EPSS: Средний

CVE-2014-4650

больше 5 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly h ...

CVSS3: 9.8

EPSS: Средний

GHSA-4p82-prjq-g7wr

около 3 лет назад

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

EPSS: Низкий

GHSA-33c8-ggqv-8g5p

около 3 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.

CVSS3: 9.8

EPSS: Средний

BDU:2015-00666

почти 11 лет назад

Уязвимость программного обеспечения Python, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

CVSS2: 9.3

EPSS: Средний

openSUSE-SU-2016:2120-1

почти 9 лет назад

Security update for python3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-4650 The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.	CVSS2: 5	10% Средний	почти 11 лет назад
CVE-2014-4650 The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.	CVSS3: 9.8	10% Средний	больше 5 лет назад
CVE-2014-4650 The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly h ...	CVSS3: 9.8	10% Средний	больше 5 лет назад
GHSA-4p82-prjq-g7wr Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.		1% Низкий	около 3 лет назад
GHSA-33c8-ggqv-8g5p The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.	CVSS3: 9.8	10% Средний	около 3 лет назад
BDU:2015-00666 Уязвимость программного обеспечения Python, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации	CVSS2: 9.3	10% Средний	почти 11 лет назад
openSUSE-SU-2016:2120-1 Security update for python3			почти 9 лет назад

Уязвимостей на страницу