VYPR

rpm package

suse/python-rpm-macros&distro=SUSE OpenStack Cloud Crowbar 8

pkg:rpm/suse/python-rpm-macros&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208

Vulnerabilities (3)

  • CVE-2019-9674Feb 4, 2020
    affected < 20200207.5feb6c1-3.19.1fixed 20200207.5feb6c1-3.19.1

    Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

  • CVE-2020-8492Jan 30, 2020
    affected < 20200207.5feb6c1-3.19.1fixed 20200207.5feb6c1-3.19.1

    Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtr

  • CVE-2019-18348Oct 23, 2019
    affected < 20200207.5feb6c1-3.19.1fixed 20200207.5feb6c1-3.19.1

    An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host compone