VYPR

rpm package

suse/python39-core&distro=SUSE Linux Enterprise Server 15 SP3-LTSS

pkg:rpm/suse/python39-core&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Vulnerabilities (22)

  • CVE-2022-25236CriFeb 16, 2022
    affected < 3.9.18-150300.4.38.1fixed 3.9.18-150300.4.38.1

    xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.

  • CVE-2007-4559CriAug 28, 2007
    affected < 3.9.17-150300.4.30.1fixed 3.9.17-150300.4.30.1

    Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.

Page 2 of 2