Search for packages
| purl | pkg:deb/debian/python2.7@2.7.9-2 |
| Next non-vulnerable version | 2.7.18-8+deb11u1 |
| Latest non-vulnerable version | 2.7.18-8+deb11u1 |
| Risk | 8.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1taa-a9e4-tbc5
Aliases: CVE-2019-10160 |
python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc |
Affected by 0 other vulnerabilities. |
|
VCID-2czu-wy37-qugf
Aliases: CVE-2022-48566 |
python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p |
Affected by 0 other vulnerabilities. |
|
VCID-2shb-2cvn-dyd2
Aliases: CVE-2023-24329 |
Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation. |
Affected by 0 other vulnerabilities. |
|
VCID-3mu8-g6x3-effb
Aliases: CVE-2016-5699 |
python: http protocol steam injection attack |
Affected by 26 other vulnerabilities. |
|
VCID-4py6-hkzp-v3d4
Aliases: CVE-2018-1060 |
security update |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-4q79-666d-rygx
Aliases: CVE-2022-48565 |
python: XML External Entity in XML processing plistlib module |
Affected by 0 other vulnerabilities. |
|
VCID-4z89-3tfk-pyge
Aliases: CVE-2023-40217 |
Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation. |
Affected by 0 other vulnerabilities. |
|
VCID-57c6-hx7f-efc6
Aliases: CVE-2019-18348 |
python: CRLF injection via the host part of the url passed to urlopen() |
Affected by 0 other vulnerabilities. |
|
VCID-7jat-6ags-qbdr
Aliases: CVE-2018-14647 |
security update |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-9mcr-rmtb-mufj
Aliases: CVE-2019-9740 |
Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. |
Affected by 0 other vulnerabilities. |
|
VCID-c97c-3177-wkhx
Aliases: CVE-2016-5636 |
Multiple vulnerabilities have been found in Python, the worst of which could lead to arbitrary code execution. |
Affected by 26 other vulnerabilities. |
|
VCID-dkxn-j9dr-sqbp
Aliases: CVE-2021-3177 |
Multiple vulnerabilities have been found in Python, the worst of which could result in the arbitrary execution of code. |
Affected by 0 other vulnerabilities. |
|
VCID-dv5v-71b5-budp
Aliases: CVE-2022-48560 |
python: use after free in heappushpop() of heapq module |
Affected by 0 other vulnerabilities. |
|
VCID-gfzb-b7tt-fkgz
Aliases: CVE-2018-1000030 |
A buffer overflow in Python might allow remote attackers to cause a Denial of Service condition. |
Affected by 17 other vulnerabilities. |
|
VCID-gkfp-ga1r-jkag
Aliases: CVE-2020-8492 |
A vulnerability in Python could lead to a Denial of Service condition. |
Affected by 0 other vulnerabilities. |
|
VCID-hcq4-yq9k-jygb
Aliases: CVE-2018-1000802 |
security update |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-hgwh-tzsf-suc1
Aliases: CVE-2016-0772 |
Multiple vulnerabilities have been found in Python, the worst of which could lead to arbitrary code execution. |
Affected by 26 other vulnerabilities. |
|
VCID-j9s6-2y47-zbbt
Aliases: CVE-2018-1061 |
security update |
Affected by 26 other vulnerabilities. Affected by 17 other vulnerabilities. |
|
VCID-k18q-3e9y-ykgf
Aliases: CVE-2019-9948 |
Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. |
Affected by 17 other vulnerabilities. |
|
VCID-ppqx-qup8-sqbz
Aliases: CVE-2019-16056 |
python: email.utils.parseaddr wrongly parses email addresses |
Affected by 0 other vulnerabilities. |
|
VCID-tyk4-kazt-kydj
Aliases: CVE-2019-20907 |
Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. |
Affected by 0 other vulnerabilities. |
|
VCID-ugfy-dufq-hfb2
Aliases: CVE-2016-1000110 |
CGIHandler: sets environmental variable based on user supplied Proxy request header |
Affected by 26 other vulnerabilities. |
|
VCID-v84j-ugn9-w3c8
Aliases: CVE-2019-16935 |
python: XSS vulnerability in the documentation XML-RPC server in server_title field |
Affected by 0 other vulnerabilities. |
|
VCID-vpwj-d49q-1uh8
Aliases: CVE-2022-0391 |
Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-w6k8-js68-87g4
Aliases: CVE-2021-23336 |
Multiple vulnerabilities have been found in Python, the worst of which might allow attackers to access sensitive information. |
Affected by 0 other vulnerabilities. |
|
VCID-wq7w-nrar-ykde
Aliases: CVE-2017-1000158 |
A buffer overflow in Python might allow remote attackers to execute arbitrary code. |
Affected by 17 other vulnerabilities. |
|
VCID-wxhp-wayg-qbd1
Aliases: CVE-2019-9636 |
Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. |
Affected by 17 other vulnerabilities. |
|
VCID-x7h3-nmjt-aud5
Aliases: CVE-2019-9947 |
Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. |
Affected by 0 other vulnerabilities. |
|
VCID-xv9p-nyha-xygv
Aliases: CVE-2018-20852 |
Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. |
Affected by 0 other vulnerabilities. |
|
VCID-yqm8-fk44-4yhk
Aliases: CVE-2019-5010 |
Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. |
Affected by 17 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1mw1-384y-huc7 | Uncontrolled Resource Consumption Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. |
CVE-2013-2099
|
| VCID-8aq9-8cf5-qbet | Multiple vulnerabilities have been found in Python, the worst of which could lead to arbitrary code execution. |
CVE-2014-9365
|
| VCID-8jfv-cqa8-7yb6 | python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs |
CVE-2014-4650
|
| VCID-9jj2-hsne-mbac | security update |
CVE-2013-4238
|
| VCID-ez5b-fvw8-hkh3 | Multiple vulnerabilities have been found in Python, the worst of which could lead to arbitrary code execution. |
CVE-2014-1912
|
| VCID-f5vu-k9rc-27fz | Improper Validation of Array Index Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function. |
CVE-2014-4616
GHSA-9772-cwx9-r4cj |
| VCID-g81p-pg7g-xfcf | python: wildcard matching rules do not follow RFC 6125 |
CVE-2013-7440
|
| VCID-mzd5-dwty-bqhf | Multiple vulnerabilities have been found in Python, the worst of which could lead to arbitrary code execution. |
CVE-2014-7185
|
| VCID-w85n-mm5g-5yd1 | python: XMLRPC library unrestricted decompression of HTTP responses using gzip enconding |
CVE-2013-1753
|
| VCID-z6kh-961g-duck | Multiple vulnerabilities have been found in Python, the worst of which allow remote attackers to cause a Denial of Service condition. |
CVE-2010-3492
|