VYPR

rpm package

almalinux/python2-bson

pkg:rpm/almalinux/python2-bson

Vulnerabilities (22)

  • CVE-2020-28493Feb 1, 2021
    affected < 3.7.0-1.module_el8.6.0+2781+fed64c13fixed 3.7.0-1.module_el8.6.0+2781+fed64c13

    This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most exploitable as it searches for trailing punctuation. This issue can be miti

  • CVE-2020-27619Oct 22, 2020
    affected < 3.7.0-1.module_el8.6.0+2781+fed64c13fixed 3.7.0-1.module_el8.6.0+2781+fed64c13

    In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.

Page 2 of 2