rpm package
suse/python-base&distro=SUSE Linux Enterprise Server 15 SP2-BCL
pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28861 | — | < 2.7.18-150000.44.1 | 2.7.18-150000.44.1 | Aug 23, 2022 | Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation | ||
| CVE-2015-20107 | — | < 2.7.18-150000.41.1 | 2.7.18-150000.41.1 | Apr 13, 2022 | In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validati |
- CVE-2021-28861Aug 23, 2022affected < 2.7.18-150000.44.1fixed 2.7.18-150000.44.1
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation
- CVE-2015-20107Apr 13, 2022affected < 2.7.18-150000.41.1fixed 2.7.18-150000.41.1
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validati