The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of CPython

Python: vulnerability via Invalid Glob Documentation
A vulnerability via Invalid Glob Documentation of Python was announced...
33275, CVE-2019-17514, USN-4428-1, VIGILANCE-VUL-32904
Python: denial of service via NEWOBJ_EX
An attacker can trigger a fatal error via NEWOBJ_EX of Python, in order to trigger a denial of service...
41288, VIGILANCE-VUL-32889
Python: overload via TAR File
An attacker can trigger an overload via TAR File of Python, in order to trigger a denial of service...
39017, bulletinjul2020, CVE-2019-20907, DLA-2337-1, FEDORA-2020-16167a66a2, FEDORA-2020-1ddd5273d6, FEDORA-2020-4cf7c3910b, FEDORA-2020-826b24c329, FEDORA-2020-87c0a0a52d, FEDORA-2020-d30881c970, FEDORA-2020-d808fdd597, FEDORA-2020-dfb11916cc, FEDORA-2020-e9251de272, FEDORA-2020-efb908b6a8, openSUSE-SU-2020:1254-1, openSUSE-SU-2020:1257-1, openSUSE-SU-2020:1258-1, openSUSE-SU-2020:1265-1, RHSA-2020:4273-01, RHSA-2020:4285-01, RHSA-2020:4299-01, SUSE-SU-2020:2216-1, SUSE-SU-2020:2275-1, SUSE-SU-2020:2276-1, SUSE-SU-2020:2277-1, SUSE-SU-2020:2699-1, USN-4428-1, VIGILANCE-VUL-32888
Python: information disclosure via HTTP Header Injection
An attacker can bypass access restrictions to data via HTTP Header Injection of Python, in order to obtain sensitive information...
39603, CVE-2020-26116, FEDORA-2020-16167a66a2, FEDORA-2020-4cf7c3910b, FEDORA-2020-887d3fa26f, FEDORA-2020-d30881c970, RHSA-2020:4273-01, RHSA-2020:4285-01, RHSA-2020:4299-01, USN-4581-1, VIGILANCE-VUL-32884
Python Core Windows 3.8: executing DLL code via python3x._pth
An attacker can create a malicious python3x._pth/python._pth DLL, and then put it in the current directory of Python Core Windows 3.8, in order to execute code...
41304, CVE-2020-15801, VIGILANCE-VUL-32882
Python: executing DLL code via python3.dll
An attacker can create a malicious python3.dll DLL, and then put it in the current directory of Python, in order to execute code...
29778, CVE-2020-15523, FEDORA-2020-16167a66a2, FEDORA-2020-4cf7c3910b, RHSA-2020:2823-01, VIGILANCE-VUL-32711
Python: denial of service via Lib/ipaddress.py Hash Collision
An attacker can trigger a fatal error via Lib/ipaddress.py Hash Collision of Python, in order to trigger a denial of service...
CVE-2020-14422, DLA-2280-1, FEDORA-2020-16167a66a2, FEDORA-2020-1ddd5273d6, FEDORA-2020-4cf7c3910b, FEDORA-2020-705c6ea5be, FEDORA-2020-87c0a0a52d, FEDORA-2020-b513391ca8, FEDORA-2020-d30881c970, FEDORA-2020-d808fdd597, FEDORA-2020-dfb11916cc, FEDORA-2020-efb908b6a8, openSUSE-SU-2020:0931-1, openSUSE-SU-2020:0940-1, openSUSE-SU-2020:0989-1, openSUSE-SU-2020:1002-1, RHSA-2020:4285-01, RHSA-2020:4299-01, SUSE-SU-2020:1822-1, SUSE-SU-2020:2157-1, SUSE-SU-2020:2216-1, SUSE-SU-2020:2699-1, USN-4428-1, VIGILANCE-VUL-32588
Python email.headerregistry.Address: message corruption via a end of line injection
An attacker can corrupt a message created by an application using the Python class email.headerregistry.Address...
39073, FEDORA-2020-16167a66a2, FEDORA-2020-4cf7c3910b, VIGILANCE-VUL-32357
Python: denial of service via urllib.request.AbstractBasicAuthHandler
An attacker can trigger a fatal error via urllib.request.AbstractBasicAuthHandler of Python, in order to trigger a denial of service...
6206164, 6206166, CVE-2020-8492, DLA-2280-1, FEDORA-2020-16167a66a2, FEDORA-2020-4cf7c3910b, FEDORA-2020-6a88dad4a0, FEDORA-2020-8bdd3fd7a4, FEDORA-2020-ea5bdbcc90, openSUSE-SU-2020:0274-1, RHSA-2020:3888-01, RHSA-2020:4285-01, SUSE-SU-2020:0467-1, SUSE-SU-2020:0510-1, SUSE-SU-2020:0557-1, SUSE-SU-2020:14306-1, USN-4333-1, USN-4333-2, VIGILANCE-VUL-31481
Python: executing DLL code via Windows 7 api-ms-win-core-path-l1-1-0.dll
An attacker can create a malicious Windows 7 api-ms-win-core-path-l1-1-0.dll DLL, and then put it in the current directory of Python, in order to execute code...
39401, CVE-2020-8315, VIGILANCE-VUL-31456
Our database contains other pages. You can request a free trial to read them.

Display information about CPython: