Medium severity6.7OSV Advisory· Published Mar 7, 2018· Updated Jun 17, 2026
CVE-2018-1000117
CVE-2018-1000117
Description
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2v0.9.8, v0.9.9, v1.0.1, …+ 1 more
- (no CPE)range: v0.9.8, v0.9.9, v1.0.1, …
- (no CPE)range: >=3.2, <=3.6.4
Patches
Vulnerability mechanics
References
2- bugs.python.org/issue33001nvdIssue TrackingPatchThird Party Advisory
- github.com/python/cpython/pull/5989nvdIssue TrackingPatchVendor Advisory
News mentions
0No linked articles in our index yet.