VYPR

rpm package

opensuse/python3&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python3&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2014-4650Feb 20, 2020
    affected < 3.5.1-3.8fixed 3.5.1-3.8

    The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character

  • CVE-2013-4238Aug 18, 2013
    affected < 3.5.1-3.8fixed 3.5.1-3.8

    The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a craf