exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 27

CVE-2014-4650

больше 11 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.

CVSS2: 5

EPSS: Низкий

CVE-2014-4650

почти 6 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.

CVSS3: 9.8

EPSS: Низкий

CVE-2014-4650

почти 6 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly h ...

CVSS3: 9.8

EPSS: Низкий

GHSA-4p82-prjq-g7wr

больше 3 лет назад

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

EPSS: Низкий

GHSA-33c8-ggqv-8g5p

больше 3 лет назад

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.

CVSS3: 9.8

EPSS: Низкий

BDU:2015-00666

больше 11 лет назад

Уязвимость программного обеспечения Python, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

CVSS2: 9.3

EPSS: Низкий

openSUSE-SU-2016:2120-1

больше 9 лет назад

Security update for python3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-4650 The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.	CVSS2: 5	6% Низкий	больше 11 лет назад
CVE-2014-4650 The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.	CVSS3: 9.8	6% Низкий	почти 6 лет назад
CVE-2014-4650 The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly h ...	CVSS3: 9.8	6% Низкий	почти 6 лет назад
GHSA-4p82-prjq-g7wr Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.		1% Низкий	больше 3 лет назад
GHSA-33c8-ggqv-8g5p The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.	CVSS3: 9.8	6% Низкий	больше 3 лет назад
BDU:2015-00666 Уязвимость программного обеспечения Python, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации	CVSS2: 9.3	6% Низкий	больше 11 лет назад
openSUSE-SU-2016:2120-1 Security update for python3			больше 9 лет назад

Уязвимостей на страницу