The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Python

Python: denial of service via http.cookiejar ReDoS
An attacker can trigger a fatal error via http.cookiejar ReDoS of Python, in order to trigger a denial of service...
FEDORA-2020-16167a66a2, FEDORA-2020-4cf7c3910b, VIGILANCE-VUL-31194
Python urllib2: information disclosure via CRLF Injection Host Control Characters
An attacker can bypass access restrictions to data via CRLF Injection Host Control Characters of Python urllib2, in order to obtain sensitive information...
6206164, 6206166, CVE-2019-18348, DLA-2280-1, FEDORA-2020-16167a66a2, FEDORA-2020-4cf7c3910b, FEDORA-2020-8bdd3fd7a4, FEDORA-2020-ea5bdbcc90, openSUSE-SU-2020:0696-1, openSUSE-SU-2020:2332-1, openSUSE-SU-2020:2333-1, RHSA-2020:4273-01, RHSA-2020:4285-01, SUSE-SU-2020:0750-1, SUSE-SU-2020:1339-1, SUSE-SU-2020:3865-1, SUSE-SU-2020:3930-1, SUSE-SU-2021:0794-1, USN-4333-1, USN-4333-2, VIGILANCE-VUL-30709
Python: Cross Site Scripting via DocXMLRPCServer.py
An attacker can trigger a Cross Site Scripting via DocXMLRPCServer.py of Python, in order to run JavaScript code in the context of the web site...
1102875, 6408848, cpujul2020, CVE-2019-16935, DLA-2280-1, DLA-2628-1, openSUSE-SU-2019:2389-1, openSUSE-SU-2019:2393-1, openSUSE-SU-2019:2438-1, openSUSE-SU-2019:2453-1, openSUSE-SU-2020:0086-1, openSUSE-SU-2020:2332-1, openSUSE-SU-2020:2333-1, RHSA-2020:3888-01, RHSA-2020:3911-01, RHSA-2020:4285-01, RHSA-2020:4433-01, SUSE-SU-2019:2748-1, SUSE-SU-2019:2748-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, SUSE-SU-2020:2699-1, SUSE-SU-2020:3930-1, USN-4151-1, USN-4151-2, VIGILANCE-VUL-30477
Python: information disclosure via Email Address Multiple At Characters
An attacker can bypass access restrictions to data via Email Address Multiple At Characters of Python, in order to obtain sensitive information...
cpuapr2020, cpujul2020, CVE-2019-16056, DLA-1924-1, DLA-1925-1, DLA-2280-1, DLA-2337-1, FEDORA-2019-2b1f72899a, FEDORA-2019-d58eb75449, openSUSE-SU-2019:2389-1, openSUSE-SU-2019:2393-1, openSUSE-SU-2019:2438-1, openSUSE-SU-2019:2453-1, openSUSE-SU-2020:0086-1, RHSA-2019:3725-01, RHSA-2019:3948-01, RHSA-2020:1131-01, RHSA-2020:1132-01, RHSA-2020:1605-01, RHSA-2020:1764-01, RHSA-2020:2520-01, SUSE-SU-2019:2748-1, SUSE-SU-2019:2748-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, SUSE-SU-2020:0302-1, SUSE-SU-2020:3563-1, SUSE-SU-2021:14198-1, USN-4151-1, USN-4151-2, VIGILANCE-VUL-30278
libexpat: out-of-bounds memory reading via XML_GetCurrentLineNumber
An attacker can force a read at an invalid address via XML_GetCurrentLineNumber() of libexpat, in order to trigger a denial of service, or to obtain sensitive information...
3609135, 6403285, 6408848, 6411016, CERTFR-2019-AVI-535, cpuapr2020, cpuoct2020, CVE-2019-15903, DLA-1912-1, DLA-1987-1, DLA-1997-1, DSA-4530-1, DSA-4549-1, DSA-4571-1, DSA-4571-2, FEDORA-2019-672ae0f060, FEDORA-2019-6dcf885e38, FEDORA-2019-9505c6b555, FEDORA-2019-9b4ebc2973, HT210785, HT210788, JSA11074, MFSA-2019-33, MFSA-2019-34, MFSA-2019-35, openSUSE-SU-2019:2204-1, openSUSE-SU-2019:2205-1, openSUSE-SU-2019:2420-1, openSUSE-SU-2019:2424-1, openSUSE-SU-2019:2425-1, openSUSE-SU-2019:2447-1, openSUSE-SU-2019:2451-1, openSUSE-SU-2019:2452-1, openSUSE-SU-2019:2459-1, openSUSE-SU-2019:2464-1, openSUSE-SU-2020:0010-1, openSUSE-SU-2020:0086-1, RHSA-2019:3210-01, RHSA-2019:3237-01, RHSA-2019:3756-01, RHSA-2020:3952-01, RHSA-2020:4484-01, SSA:2019-259-01, SSA:2019-293-01, SSA:2019-295-01, SSB-439005, SUSE-SU-2019:2429-1, SUSE-SU-2019:2440-1, SUSE-SU-2019:2871-1, SUSE-SU-2019:2872-1, SUSE-SU-2019:2912-1, SUSE-SU-2020:0114-1, SUSE-SU-2020:0302-1, USN-4132-1, USN-4132-2, USN-4165-1, USN-4165-2, USN-4202-2, VIGILANCE-VUL-30268
Python: information disclosure via Punycode/IDNA NFKC Normalization
An attacker can bypass access restrictions to data via Punycode/IDNA NFKC Normalization of Python, in order to obtain sensitive information...
1102875, bulletinjul2019, CVE-2019-10160, DLA-1834-1, DLA-2280-1, DLA-2337-1, FEDORA-2019-2b1f72899a, openSUSE-SU-2019:1906-1, openSUSE-SU-2020:0086-1, RHSA-2019:1587-01, RHSA-2019:1700-01, SUSE-SU-2019:14142-1, SUSE-SU-2019:2050-1, SUSE-SU-2019:2053-1, SUSE-SU-2019:2053-2, SUSE-SU-2019:2064-1, SUSE-SU-2019:2091-1, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, SUSE-SU-2020:0302-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-29596
Python urllib: file reading via Blacklist Bypass
A local attacker can read a file via Blacklist Bypass of Python urllib, in order to obtain sensitive information...
1102875, 35907, bulletinjul2019, CVE-2019-9948, DLA-1834-1, DLA-1852-1, DLA-2280-1, DLA-2337-1, DSA-2019-131, openSUSE-SU-2019:1273-1, openSUSE-SU-2019:1282-1, openSUSE-SU-2019:1580-1, RHSA-2019:1700-01, RHSA-2019:2030-01, RHSA-2019:3335-01, RHSA-2019:3520-01, RHSA-2020:1268-01, RHSA-2020:1346-01, RHSA-2020:1462-01, SSA:2019-293-01, SUSE-SU-2019:0972-1, SUSE-SU-2019:14018-1, SUSE-SU-2019:1439-1, SUSE-SU-2020:0234-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28848
Python urllib2: information disclosure via CRLF Injection HTTP/Redis
An attacker can bypass access restrictions to data via CRLF Injection HTTP/Redis of Python urllib2, in order to obtain sensitive information...
1102875, 35906, bulletinjul2019, CVE-2019-9947, DLA-1834-1, DLA-1835-1, DLA-1835-2, DLA-2280-1, DLA-2337-1, FEDORA-2019-1ffd6b6064, openSUSE-SU-2019:2389-1, openSUSE-SU-2019:2393-1, openSUSE-SU-2020:0086-1, RHSA-2019:2030-01, RHSA-2019:3335-01, RHSA-2019:3520-01, RHSA-2019:3725-01, RHSA-2020:1268-01, RHSA-2020:1346-01, RHSA-2020:1462-01, SUSE-SU-2019:1352-1, SUSE-SU-2019:1352-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, SUSE-SU-2020:0302-1, SUSE-SU-2020:2699-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28847
Python urllib2: information disclosure via CRLF Injection
An attacker can bypass access restrictions to data via CRLF Injection of Python urllib2, in order to obtain sensitive information...
36276, bulletinjul2019, CVE-2019-9740, DLA-1834-1, DLA-1835-1, DLA-1835-2, DLA-2280-1, DLA-2337-1, FEDORA-2019-1ffd6b6064, openSUSE-SU-2019:2131-1, openSUSE-SU-2019:2133-1, RHSA-2019:2030-01, RHSA-2019:3335-01, RHSA-2019:3520-01, RHSA-2019:3725-01, RHSA-2020:1268-01, RHSA-2020:1346-01, RHSA-2020:1462-01, SSA:2019-293-01, SUSE-SU-2019:2331-1, SUSE-SU-2019:2332-1, SUSE-SU-2019:2370-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28846
Python: information disclosure via Cookie Domain Check
An attacker can bypass access restrictions to data via Cookie Domain Check of Python, in order to obtain sensitive information...
35121, bulletinoct2019, cpuapr2020, CVE-2018-20852, DLA-1889-1, DLA-1906-1, DLA-2280-1, DLA-2337-1, openSUSE-SU-2019:1988-1, openSUSE-SU-2019:1989-1, openSUSE-SU-2020:0086-1, RHSA-2019:3725-01, RHSA-2019:3948-01, RHSA-2020:1131-01, RHSA-2020:1132-01, RHSA-2020:1605-01, RHSA-2020:1764-01, SUSE-SU-2019:14142-1, SUSE-SU-2019:2050-1, SUSE-SU-2019:2091-1, SUSE-SU-2019:2114-1, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, SUSE-SU-2020:0302-1, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28767
Our database contains other pages. You can request a free trial to read them.

Display information about Python: