rpm package
opensuse/python3&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/python3&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-4650 | — | < 3.5.1-3.8 | 3.5.1-3.8 | Feb 20, 2020 | The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character | ||
| CVE-2013-4238 | — | < 3.5.1-3.8 | 3.5.1-3.8 | Aug 18, 2013 | The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a craf |
- CVE-2014-4650Feb 20, 2020affected < 3.5.1-3.8fixed 3.5.1-3.8
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character
- CVE-2013-4238Aug 18, 2013affected < 3.5.1-3.8fixed 3.5.1-3.8
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a craf