VYPR

rpm package

suse/python-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOS

Vulnerabilities (2)

  • CVE-2021-28861Aug 23, 2022
    affected < 2.7.18-150000.44.1fixed 2.7.18-150000.44.1

    Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation

  • CVE-2015-20107Apr 13, 2022
    affected < 2.7.18-150000.41.1fixed 2.7.18-150000.41.1

    In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validati