cpe:/a:python:python:2.7.13 cpe:/o:debian:debian_linux:7.0 cpe:/o:debian:debian_linux:8.0 cpe:/o:debian:debian_linux:9.0 CVE-2017-1000158 2017-11-17T00:29:00.280-05:00 2019-10-02T20:03:26.223-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2019-05-03T08:36:55.823-04:00 SECTRACK 1039890 DEBIAN DSA-4307 GENTOO GLSA-201805-02 MLIST [debian-lts-announce] 20171124 [SECURITY] [DLA 1189-1] python2.7 security update MLIST [debian-lts-announce] 20171124 [SECURITY] [DLA 1190-1] python2.6 security update MLIST [debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update MLIST [debian-lts-announce] 20180926 [SECURITY] [DLA 1520-1] python3.4 security update MISC https://bugs.python.org/issue30657 CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)