Количество 49
Количество 49
RLSA-2022:8353
Moderate: python3.9 security, bug fix, and enhancement update
ELSA-2022-8353
ELSA-2022-8353: python3.9 security, bug fix, and enhancement update (MODERATE)
CVE-2021-28861
** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
CVE-2021-28861
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/h ...
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2015-20107
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add ...
SUSE-SU-2022:3940-1
Security update for python
SUSE-SU-2022:3593-1
Security update for python3
SUSE-SU-2022:3553-1
Security update for python
SUSE-SU-2022:3544-1
Security update for python3
SUSE-SU-2022:3512-2
Security update for python
SUSE-SU-2022:3512-1
Security update for python
SUSE-SU-2022:3511-2
Security update for python3
SUSE-SU-2022:3511-1
Security update for python3
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2022:8353 Moderate: python3.9 security, bug fix, and enhancement update | больше 2 лет назад | ||
| ELSA-2022-8353 ELSA-2022-8353: python3.9 security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад | ||
 | CVE-2021-28861 ** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." | CVSS3: 7.4 | 0% Низкий | почти 3 года назад |
 | CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." | CVSS3: 7.4 | 0% Низкий | почти 3 года назад |
 | CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." | CVSS3: 7.4 | 0% Низкий | почти 3 года назад |
 | CVSS3: 7.4 | 0% Низкий | почти 3 года назад | |
| CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/h ... | CVSS3: 7.4 | 0% Низкий | почти 3 года назад |
| CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | около 3 лет назад |
| CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | почти 10 лет назад |
| CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9 | CVSS3: 7.6 | 1% Низкий | около 3 лет назад |
| CVSS3: 7.6 | 1% Низкий | около 3 лет назад | |
| CVE-2015-20107 In Python (aka CPython) up to 3.10.8, the mailcap module does not add ... | CVSS3: 7.6 | 1% Низкий | около 3 лет назад |
 | SUSE-SU-2022:3940-1 Security update for python | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2022:3593-1 Security update for python3 | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2022:3553-1 Security update for python | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2022:3544-1 Security update for python3 | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2022:3512-2 Security update for python | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2022:3512-1 Security update for python | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2022:3511-2 Security update for python3 | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2022:3511-1 Security update for python3 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу