Search CVE reports
111 – 112 of 112 results
Some fixes available 4 of 14
Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which...
6 affected packages
python2.4, python2.5, python2.6, python2.7, python3.1, python3.2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python2.4 | — | — | — | — |
| python2.5 | — | — | — | — |
| python2.6 | — | — | — | — |
| python2.7 | — | — | — | — |
| python3.1 | — | — | — | — |
| python3.2 | — | — | — | — |
Some fixes available 2 of 28
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR...
16 affected packages
python2.3, python2.4, python2.5, python2.6, python3.0...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python2.3 | — | — | — | — |
| python2.4 | — | — | — | — |
| python2.5 | — | — | — | — |
| python2.6 | — | — | — | — |
| python3.0 | — | — | — | — |
| python3.1 | — | — | — | — |
| python2.7 | — | Ignored | Not in release | Ignored |
| python3.4 | — | Not in release | Not in release | Not in release |
| python3.5 | — | Not in release | Not in release | Not in release |
| python3.6 | — | Not in release | Not in release | Ignored |
| python3.7 | — | Not in release | Not in release | Ignored |
| python3.8 | — | Not in release | Ignored | Ignored |
| python3.9 | — | Not in release | Not in release | Not in release |
| python3.10 | — | Fixed | Not in release | Not in release |
| python3.11 | — | Ignored | Not in release | Not in release |
| python3.12 | — | Not in release | Not in release | Not in release |