VYPR

rpm package

suse/python36&distro=SUSE Linux Enterprise Server 12 SP5

pkg:rpm/suse/python36&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Vulnerabilities (43)

  • CVE-2018-1060HigJun 18, 2018
    affected < 3.6.10-4.3.5fixed 3.6.10-4.3.5

    python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

  • CVE-2017-18207MedMar 1, 2018
    affected < 3.6.10-4.3.5fixed 3.6.10-4.3.5

    The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue beca

  • CVE-2007-4559CriAug 28, 2007
    affected < 3.6.15-46.1fixed 3.6.15-46.1

    Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

Page 3 of 3