Search for packages
| purl | pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u1 |
| Tags | Ghost |
| Next non-vulnerable version | 7.3.19+dfsg-2 |
| Latest non-vulnerable version | 7.3.19+dfsg-2 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-adb7-t68d-aaah
Aliases: CVE-2023-6597 |
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-kxt9-wr47-aaaf
Aliases: CVE-2024-0450 |
An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-y1sw-wnzq-aaae
Aliases: CVE-2023-24329 |
An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-05-20T15:54:47.554000+00:00 | Debian Importer | Affected by | VCID-kxt9-wr47-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-20T15:47:48.365918+00:00 | Debian Importer | Affected by | VCID-adb7-t68d-aaah | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-20T11:35:54.268346+00:00 | Debian Importer | Affected by | VCID-y1sw-wnzq-aaae | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-20T08:08:11.929546+00:00 | Debian Importer | Fixing | VCID-nuws-q4cw-aaae | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-20T07:51:11.403090+00:00 | Debian Importer | Fixing | VCID-1yvf-qg2w-aaan | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-19T13:10:11.965091+00:00 | Debian Importer | Fixing | VCID-ttvn-gv7h-aaaq | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-19T10:54:01.913839+00:00 | Debian Importer | Fixing | VCID-bdw7-d7up-aaaf | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-19T07:11:25.357283+00:00 | Debian Importer | Fixing | VCID-hq7h-468r-aaad | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-19T07:11:14.010606+00:00 | Debian Importer | Fixing | VCID-1n4c-69xu-aaae | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-19T03:08:52.476813+00:00 | Debian Importer | Fixing | VCID-69wz-uwzh-aaam | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-05-18T19:27:09.087561+00:00 | Debian Importer | Fixing | VCID-fxcv-tgm2-aaac | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-26T04:27:11.026711+00:00 | Debian Importer | Fixing | VCID-gf6k-frsj-aaas | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-26T04:27:06.247292+00:00 | Debian Importer | Affected by | VCID-gf6k-frsj-aaas | https://security-tracker.debian.org/tracker/data/json | 34.0.0rc4 |
| 2024-04-26T04:27:03.040789+00:00 | Debian Importer | Fixing | VCID-gf6k-frsj-aaas | None | 34.0.0rc4 |