VYPR

rpm package

almalinux/python38-PyMySQL

pkg:rpm/almalinux/python38-PyMySQL

Vulnerabilities (25)

  • CVE-2020-27783Dec 3, 2020
    affected < 0.10.1-1.module_el8.6.0+2778+cd494b30fixed 0.10.1-1.module_el8.6.0+2778+cd494b30

    A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.

  • CVE-2020-26116Sep 27, 2020
    affected < 0.10.1-1.module_el8.6.0+2778+cd494b30fixed 0.10.1-1.module_el8.6.0+2778+cd494b30

    http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.reque

  • CVE-2020-1747Mar 24, 2020
    affected < 0.10.1-1.module_el8.6.0+2778+cd494b30fixed 0.10.1-1.module_el8.6.0+2778+cd494b30

    A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untru

  • CVE-2019-18874Nov 12, 2019
    affected < 0.10.1-1.module_el8.6.0+2778+cd494b30fixed 0.10.1-1.module_el8.6.0+2778+cd494b30

    psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.

  • CVE-2007-4559CriAug 28, 2007
    affected < 0.10.1-1.module_el8.6.0+2778+cd494b30fixed 0.10.1-1.module_el8.6.0+2778+cd494b30

    Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

Page 2 of 2