Download
| Alert*
oval:org.secpod.oval:def:61460
The host is installed with Python through 3.7.2 and is prone to an uncontrolled resource consumption vulnerability. The flaw is present in the application, which fails to properly handle Lib/zipfile.py. Successful exploitation allows remote attackers to cause a denial-of-service. oval:org.secpod.oval:def:67008 python3.8: Interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object-or ... oval:org.secpod.oval:def:89050288 This update for python3 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP . Non-security issue fixed: - If the locale ... oval:org.secpod.oval:def:89050352 This update for python fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation, warning about dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP . oval:org.secpod.oval:def:89050327 This update for python fixes the following issues: Security issues fixed: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised . - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . oval:org.secpod.oval:def:64685 python3.8: Interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object-or ... oval:org.secpod.oval:def:89000075 This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed t ... oval:org.secpod.oval:def:89000663 This update for python36 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP . Non-security issue fixed: - If the locale ... oval:org.secpod.oval:def:89000307 This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised . - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expre ... oval:org.secpod.oval:def:70554 python2.7: An interactive high-level object-oriented language - python3.7: An interactive high-level object-oriented language - python3.8: An interactive high-level object-oriented language Details: USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Linux ... oval:org.secpod.oval:def:705928 python2.7: An interactive high-level object-oriented language - python3.7: An interactive high-level object-oriented language - python3.8: An interactive high-level object-oriented language Details: USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu ... |