CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2020-15523
https://notcve.org/view.php?id=CVE-2020-15523
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows. En Python versiones 3.6 hasta 3.6.10, 3.7 hasta 3.7.8, 3.8 hasta 3.8.4rc1 y 3.9 hasta 3.9.0b4 en Windows, se puede usar una python3.dll de tipo caballo de Troya en los casos en que CPython está incorporado en una aplicación nativa. Esto se produce porque python3X.dll puede usar una ruta de búsqueda no válida para cargar python3.dll (después de que haya sido usado Py_SetPath). • https://bugs.python.org/issue29778 https://github.com/python/cpython/pull/21297 https://security.netapp.com/advisory/ntap-20210312-0004 • CWE-427: Uncontrolled Search Path Element CWE-908: Use of Uninitialized Resource •
CVSS: 5.9EPSS: 1%CPEs: 9EXPL: 0CVE-2020-14422 – python: DoS via inefficiency in IPv{4,6}Interface classes
https://notcve.org/view.php?id=CVE-2020-14422
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2. La biblioteca Lib/ipaddress.py en Python versiones hasta 3.8.3, calcula inapropiadamente los valores de hash en las clases IPv4Interface e IPv6Interface, lo que podría permitir a un atacante remoto causar una denegación de servicio si una aplicación está afectada por el desempeño de un diccionario que contiene objetos de IPv4Interface o IPv6Interface, y este atacante puede causar que muchas entradas de diccionario sean creadas. Esto esta corregido en las versiones: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2 A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects, possibly resulting in a denial of service. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00041.html https://bugs.python.org/issue41004 https://github.com/python/cpython/pull/20956 https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html https://lists.debian.org/debian-lts-announce/2023/ • CWE-330: Use of Insufficiently Random Values CWE-400: Uncontrolled Resource Consumption CWE-682: Incorrect Calculation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2020-13757 – python-rsa: decryption of ciphertext leads to DoS
https://notcve.org/view.php?id=CVE-2020-13757
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation). Python-RSA versión 4.1, ignora bytes '\0' principales durante la desencriptación del texto cifrado. Esto podría tener un impacto relevante para la seguridad, por ejemplo, al ayudar a un atacante a inferir que una aplicación utiliza Python-RSA, o si la longitud del texto cifrado aceptado afecta al comportamiento de la aplicación (por ejemplo, al causar una asignación excesiva de memoria) A flaw was found in the python-rsa package, where it does not explicitly check the ciphertext length against the key size and ignores the leading 0 bytes during the decryption of the ciphertext. This flaw allows an attacker to perform a ciphertext attack, leading to a denial of service. • https://github.com/sybrenstuvel/python-rsa/issues/146 https://github.com/sybrenstuvel/python-rsa/issues/146#issuecomment-641845667 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2KILTHBHNSDUCYV22ODLOKTICJJ7JQIQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZYB65VNILRBTXL6EITQTH2PZPK7I23MW https://usn.ubuntu.com/4478-1 https://access.redhat.com/security/cve/CVE-2020-13757 https://bugzilla.redhat.com/show_bug.cgi?id=1848507 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 1CVE-2020-11073 – Remote Code Execution in Autoswitch Python Virtualenv
https://notcve.org/view.php?id=CVE-2020-11073
In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction. This is fixed in version: 1.16.0 En Autoswitch Python Virtualenv versiones anteriores a 0.16.0, un usuario que ingresa a un directorio con un archivo malicioso ".venv" podría ejecutar código arbitrario sin interacción del usuario. Esto es corregido en la versión: 1.16.0 • https://github.com/MichaelAquilina/zsh-autoswitch-virtualenv/commit/30c77db7c83eca2bc5f6134fccbdc117b49a6a05 https://github.com/MichaelAquilina/zsh-autoswitch-virtualenv/issues/122 https://github.com/MichaelAquilina/zsh-autoswitch-virtualenv/pull/123 https://github.com/MichaelAquilina/zsh-autoswitch-virtualenv/security/advisories/GHSA-h8wm-cqq6-957q • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2020-11888
https://notcve.org/view.php?id=CVE-2020-11888
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute. python-markdown2 versiones hasta 2.3.8, permite un ataque de tipo XSS porque los nombres de los elementos se manejan inapropiadamente a menos que una coincidencia de \w+ tenga éxito. Por ejemplo, un ataque podría usar elementname@ o elementname- con un atributo onclick. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00035.html https://github.com/trentm/python-markdown2/issues/348 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XOAIRJJCZNJUALXDHSIGH5PS2H63A3J https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQLRBGRVRRZK7P5SFL2MNGXFX37YHJAV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •