Search CVE reports
71 – 74 of 74 results
CVE-2016-0772
Medium prioritySome fixes available 7 of 10
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by...
4 affected packages
python2.7, python3.2, python3.4, python3.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
python2.7 | — | Not affected | Not affected | Not affected | Fixed |
python3.2 | — | Not in release | Not in release | Not in release | Not in release |
python3.4 | — | Not in release | Not in release | Not in release | Not in release |
python3.5 | — | Not in release | Not in release | Not in release | Fixed |
CVE-2016-1000110
Medium prioritySome fixes available 7 of 10
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.
4 affected packages
python2.7, python3.2, python3.4, python3.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
python2.7 | — | Not affected | Not affected | Not affected | Fixed |
python3.2 | — | Not in release | Not in release | Not in release | Not in release |
python3.4 | — | Not in release | Not in release | Not in release | Not in release |
python3.5 | — | Not in release | Not in release | Not in release | Fixed |
CVE-2015-5652
Low priorityUntrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was...
4 affected packages
python2.7, python3.2, python3.4, python3.5
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
python2.7 | — | — | — | Not affected | Not affected |
python3.2 | — | — | — | — | — |
python3.4 | — | — | — | Not in release | Not in release |
python3.5 | — | — | — | Not in release | Not affected |
CVE-2007-4559
Medium prioritySome fixes available 2 of 30
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR...
16 affected packages
python2.3, python2.4, python2.5, python2.6, python2.7...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
python2.3 | — | — | — | — | — |
python2.4 | — | — | — | — | — |
python2.5 | — | — | — | — | — |
python2.6 | — | — | — | — | — |
python2.7 | — | Ignored | Ignored | Ignored | Ignored |
python3.0 | — | — | — | — | — |
python3.1 | — | — | — | — | — |
python3.10 | — | Fixed | Not in release | Not in release | Not in release |
python3.11 | — | Ignored | Not in release | Not in release | Not in release |
python3.12 | — | Not in release | Not in release | Not in release | Not in release |
python3.4 | — | Not in release | Not in release | Not in release | Not in release |
python3.5 | — | Not in release | Not in release | Not in release | Ignored |
python3.6 | — | Not in release | Not in release | Ignored | Not in release |
python3.7 | — | Not in release | Not in release | Ignored | Not in release |
python3.8 | — | Not in release | Ignored | Ignored | Not in release |
python3.9 | — | Not in release | Ignored | Not in release | Not in release |