Search CVE reports


Toggle filters

21 – 29 of 29 results


CVE-2012-2135

Low priority
Fixed

The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or...

3 affected packages

python3.1, python3.2, python3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python3.1
python3.2
python3.3
Show less packages

CVE-2012-1150

Medium priority

Some fixes available 9 of 14

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2012-0845

Low priority

Some fixes available 11 of 14

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2011-1521

Medium priority

Some fixes available 9 of 12

The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2010-3492

Negligible priority
Ignored

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the...

4 affected packages

python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2010-3493

Negligible priority

Some fixes available 4 of 7

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection,...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2010-2089

Low priority

Some fixes available 4 of 11

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2010-1634

Low priority

Some fixes available 4 of 11

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2008-5983

Low priority

Some fixes available 4 of 14

Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages