VYPR

rpm package

suse/python-base&distro=SUSE Linux Enterprise Server for SAP Applications 12

pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Vulnerabilities (3)

  • CVE-2013-1753Mar 11, 2020
    affected < 2.7.9-14.1fixed 2.7.9-14.1

    The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.

  • CVE-2014-4650Feb 20, 2020
    affected < 2.7.9-14.1fixed 2.7.9-14.1

    The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character

  • CVE-2014-7185Oct 8, 2014
    affected < 2.7.9-14.1fixed 2.7.9-14.1

    Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.