VYPR

rpm package

suse/python3&distro=SUSE Linux Enterprise Server 12-LTSS

pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Vulnerabilities (3)

  • CVE-2019-5010Oct 31, 2019
    affected < 3.4.6-25.21.1fixed 3.4.6-25.21.1

    An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connection

  • CVE-2019-9636Mar 8, 2019
    affected < 3.4.6-25.24.1fixed 3.4.6-25.24.1

    Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The component

  • CVE-2018-20406Dec 23, 2018
    affected < 3.4.6-25.21.1fixed 3.4.6-25.21.1

    Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundr