rpm package
suse/python3-core&distro=SUSE Linux Enterprise Real Time 15 SP3
pkg:rpm/suse/python3-core&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-24329 | — | < 3.6.15-150300.10.45.1 | 3.6.15-150300.10.45.1 | Feb 17, 2023 | An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | ||
| CVE-2022-45061 | — | < 3.6.15-150300.10.40.1 | 3.6.15-150300.10.40.1 | Nov 9, 2022 | An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hos | ||
| CVE-2007-4559 | Cri | 9.8 | < 3.6.15-150300.10.48.1 | 3.6.15-150300.10.48.1 | Aug 28, 2007 | Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. |
- CVE-2023-24329Feb 17, 2023affected < 3.6.15-150300.10.45.1fixed 3.6.15-150300.10.45.1
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
- CVE-2022-45061Nov 9, 2022affected < 3.6.15-150300.10.40.1fixed 3.6.15-150300.10.40.1
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hos
- affected < 3.6.15-150300.10.48.1fixed 3.6.15-150300.10.48.1
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.