Search for packages
| purl | pkg:deb/debian/python2.7@2.7.3-6%2Bdeb7u2 |
| Next non-vulnerable version | 2.7.18-8+deb11u1 |
| Latest non-vulnerable version | 2.7.18-8+deb11u1 |
| Risk | 8.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-16gk-g5t6-5bbf
Aliases: CVE-2018-1060 |
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service. |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-172n-hbu2-6fd3
Aliases: CVE-2013-2099 |
Uncontrolled Resource Consumption Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. |
Affected by 30 other vulnerabilities. |
|
VCID-3fpe-pvdm-kyhs
Aliases: CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
Affected by 0 other vulnerabilities. |
|
VCID-46e4-wwyz-3kb9
Aliases: CVE-2014-4650 |
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator. |
Affected by 30 other vulnerabilities. |
|
VCID-5arb-eqy5-3qfy
Aliases: CVE-2018-1000030 |
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE. |
Affected by 17 other vulnerabilities. |
|
VCID-78qy-9w1z-8yhy
Aliases: CVE-2014-1912 |
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. |
Affected by 30 other vulnerabilities. |
|
VCID-97wt-q55v-17dg
Aliases: CVE-2014-7185 |
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. |
Affected by 30 other vulnerabilities. |
|
VCID-9dyt-z3y9-nkb8
Aliases: CVE-2019-5010 |
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. |
Affected by 17 other vulnerabilities. |
|
VCID-c6vf-8bw4-8bgj
Aliases: CVE-2010-3492 |
The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections. |
Affected by 30 other vulnerabilities. |
|
VCID-cpkh-xpsk-nqf1
Aliases: CVE-2018-20852 |
http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3. |
Affected by 0 other vulnerabilities. |
|
VCID-cwra-a4xc-budx
Aliases: CVE-2014-4616 GHSA-9772-cwx9-r4cj |
Improper Validation of Array Index Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function. |
Affected by 30 other vulnerabilities. |
|
VCID-dpsq-73nq-hbcg
Aliases: CVE-2017-1000158 |
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution) |
Affected by 17 other vulnerabilities. |
|
VCID-ems8-fwjz-q3at
Aliases: CVE-2018-14647 |
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15. |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-fbrt-d4gm-efhn
Aliases: CVE-2023-24329 |
python: urllib.parse url blocklisting bypass |
Affected by 0 other vulnerabilities. |
|
VCID-fwhj-bjfc-h3an
Aliases: CVE-2019-16056 |
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally. |
Affected by 0 other vulnerabilities. |
|
VCID-g7gc-5ynw-ffcb
Aliases: CVE-2019-9636 |
information disclosure |
Affected by 17 other vulnerabilities. |
|
VCID-g932-tm87-ebb6
Aliases: CVE-2019-18348 |
An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1. |
Affected by 0 other vulnerabilities. |
|
VCID-ga74-8ch9-a3hc
Aliases: CVE-2021-3177 |
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. |
Affected by 0 other vulnerabilities. |
|
VCID-gczs-recc-gya2
Aliases: CVE-2023-40217 |
python: TLS handshake bypass |
Affected by 0 other vulnerabilities. |
|
VCID-k2jc-cyb3-yqcc
Aliases: CVE-2019-20907 |
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. |
Affected by 0 other vulnerabilities. |
|
VCID-nqa2-kqcf-wyez
Aliases: CVE-2018-1061 |
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-p2er-rxka-r7dk
Aliases: CVE-2019-10160 |
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application. |
Affected by 0 other vulnerabilities. |
|
VCID-pa1n-3at9-qbhu
Aliases: CVE-2016-0772 |
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." |
Affected by 26 other vulnerabilities. |
|
VCID-pw5s-1prw-vqhz
Aliases: CVE-2014-9365 |
The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. |
Affected by 30 other vulnerabilities. |
|
VCID-qjut-1y6u-pqek
Aliases: CVE-2016-5636 |
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow. |
Affected by 26 other vulnerabilities. |
|
VCID-ru8s-bq99-9bhd
Aliases: CVE-2019-16935 |
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. |
Affected by 0 other vulnerabilities. |
|
VCID-sse9-sa1n-wbc9
Aliases: CVE-2019-9947 |
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. |
Affected by 0 other vulnerabilities. |
|
VCID-stc9-apq8-k7a6
Aliases: CVE-2018-1000802 |
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace. |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-t7p2-zytn-fycp
Aliases: CVE-2013-7440 |
The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. |
Affected by 30 other vulnerabilities. |
|
VCID-taaq-u851-5kdt
Aliases: CVE-2019-9948 |
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. |
Affected by 17 other vulnerabilities. |
|
VCID-thsx-3yu5-43ff
Aliases: CVE-2016-1000110 |
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. |
Affected by 26 other vulnerabilities. |
|
VCID-u4fg-6shu-jkh7
Aliases: CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
Affected by 0 other vulnerabilities. |
|
VCID-ua1b-81hn-ykfw
Aliases: CVE-2020-8492 |
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. |
Affected by 0 other vulnerabilities. |
|
VCID-ue7j-kq6d-xbeb
Aliases: CVE-2019-9740 |
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. |
Affected by 0 other vulnerabilities. |
|
VCID-vm8m-na8y-67et
Aliases: CVE-2022-0391 |
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. |
Affected by 0 other vulnerabilities. |
|
VCID-wnxx-rc7w-cke4
Aliases: CVE-2021-23336 |
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) When the attacker can separate query parameters using a semicolon (`;`), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. |
Affected by 0 other vulnerabilities. |
|
VCID-yrph-wbpc-5kgz
Aliases: CVE-2016-5699 |
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. |
Affected by 26 other vulnerabilities. |
|
VCID-z7k5-3vc9-2uga
Aliases: CVE-2013-1753 |
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request. |
Affected by 30 other vulnerabilities. |
|
VCID-zhu3-43e2-syh5
Aliases: CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
Affected by 0 other vulnerabilities. |
|
VCID-zx9p-cab8-6ubc
Aliases: CVE-2013-4238 |
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. |
Affected by 30 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||