Количество 77
Количество 77
SUSE-SU-2020:2157-1
Security update for python-ipaddress
SUSE-SU-2020:1920-1
Security update for python-ipaddress
SUSE-SU-2020:1822-1
Security update for python3
GHSA-9gg6-cm3f-wf38
Incorrect Calculation and Use of Insufficiently Random Values in Python
BDU:2021-00757
Уязвимость реализации классов IPv4Interface и IPv6Interface модуля Lib/ipaddress.py интерпретатора языка программирования Python, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through ...
GHSA-qhmv-wcg2-h8hx
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
ELSA-2020-3911
ELSA-2020-3911: python security update (MODERATE)
BDU:2020-04508
Уязвимость сервера документации XML-RPC интерпретатора языка программирования Python, позволяющая нарушителю осуществить межсайтовую сценарную атаку
openSUSE-SU-2019:2453-1
Security update for python3
openSUSE-SU-2019:2438-1
Security update for python3
SUSE-SU-2019:2802-1
Security update for python3
SUSE-SU-2019:2748-2
Security update for python
SUSE-SU-2019:2748-1
Security update for python
CVE-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
CVE-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
CVE-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2020:2157-1 Security update for python-ipaddress | 1% Низкий | почти 5 лет назад | |
| SUSE-SU-2020:1920-1 Security update for python-ipaddress | 1% Низкий | почти 5 лет назад | |
| SUSE-SU-2020:1822-1 Security update for python3 | 1% Низкий | почти 5 лет назад | |
| GHSA-9gg6-cm3f-wf38 Incorrect Calculation and Use of Insufficiently Random Values in Python | CVSS3: 5.9 | 1% Низкий | около 4 лет назад |
 | BDU:2021-00757 Уязвимость реализации классов IPv4Interface и IPv6Interface модуля Lib/ipaddress.py интерпретатора языка программирования Python, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.9 | 1% Низкий | около 5 лет назад |
 | CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
 | CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
 | CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through ... | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| GHSA-qhmv-wcg2-h8hx The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. | CVSS3: 6.1 | 1% Низкий | около 3 лет назад |
| ELSA-2020-3911 ELSA-2020-3911: python security update (MODERATE) | больше 4 лет назад | ||
| BDU:2020-04508 Уязвимость сервера документации XML-RPC интерпретатора языка программирования Python, позволяющая нарушителю осуществить межсайтовую сценарную атаку | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| openSUSE-SU-2019:2453-1 Security update for python3 | больше 5 лет назад | ||
| openSUSE-SU-2019:2438-1 Security update for python3 | больше 5 лет назад | ||
| SUSE-SU-2019:2802-1 Security update for python3 | больше 5 лет назад | ||
| SUSE-SU-2019:2748-2 Security update for python | больше 5 лет назад | ||
| SUSE-SU-2019:2748-1 Security update for python | больше 5 лет назад | ||
| CVE-2020-8492 Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. | CVSS3: 6.5 | 4% Низкий | больше 5 лет назад |
| CVE-2020-8492 Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. | CVSS3: 6.5 | 4% Низкий | больше 5 лет назад |
| CVE-2020-8492 Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. | CVSS3: 6.5 | 4% Низкий | больше 5 лет назад |
Уязвимостей на страницу