CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-25322 – python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root
https://notcve.org/view.php?id=CVE-2021-25322
10 Jun 2021 — A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1. Una vulnerabilidad de seguimiento de enlaces simbólicos UNIX (Symlink) en python-HyperKitty de openSUSE Leap 15.2, Factory permite a ataca... • https://bugzilla.suse.com/show_bug.cgi?id=1182373 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 6.1EPSS: 1%CPEs: 5EXPL: 0CVE-2021-32052 – Ubuntu Security Notice USN-5373-1
https://notcve.org/view.php?id=CVE-2021-32052
06 May 2021 — In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers. En Django 2.2 versiones anteriores a 2.2.22, 3.1 versiones anteriores a 3.1.10 y 3.2 versiones anteriores a 3.2.2 (con Python 3.9.5+), URLValidator no p... • http://www.openwall.com/lists/oss-security/2021/05/06/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 2CVE-2021-29921 – python-ipaddress: Improper input validation of octal strings
https://notcve.org/view.php?id=CVE-2021-29921
06 May 2021 — In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. En Python antes de la versiones 3,9,5, la biblioteca ipaddress maneja mal los caracteres cero iniciales en los octetos de una cadena de direcciones IP. Esto (en algunas situaciones) permite a los atacantes eludir el control de acceso que se basa en las direcciones IP A flaw was found in pytho... • https://bugs.python.org/issue36384 • CWE-20: Improper Input Validation •
CVSS: 5.7EPSS: 0%CPEs: 22EXPL: 0CVE-2021-3426 – python: Information disclosure via pydoc
https://notcve.org/view.php?id=CVE-2021-3426
03 May 2021 — There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. Se presenta un fallo en pydoc de Pytho... • https://bugzilla.redhat.com/show_bug.cgi?id=1935913 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28667
https://notcve.org/view.php?id=CVE-2021-28667
18 Mar 2021 — StackStorm before 3.4.1, in some situations, has an infinite loop that consumes all available memory and disk space. This can occur if Python 3.x is used, the locale is not utf-8, and there is an attempt to log Unicode data (from an action or rule name). StackStorm versiones anteriores a 3.4.1, en algunas situaciones, presenta un bucle infinito que consume toda la memoria disponible y el espacio en disco. Esto puede ocurrir si se usa Python versión 3.x, la configuración regional no es utf-8 y se intent... • https://stackstorm.com/2021/03/10/stackstorm-v3-4-1-security-fix • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.9EPSS: 0%CPEs: 19EXPL: 1CVE-2021-23336 – Web Cache Poisoning
https://notcve.org/view.php?id=CVE-2021-23336
15 Feb 2021 — The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious ... • http://www.openwall.com/lists/oss-security/2021/02/19/4 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 1CVE-2021-3177 – python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
https://notcve.org/view.php?id=CVE-2021-3177
19 Jan 2021 — Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. Python versiones 3.x hasta 3.9.1, presenta un desbordamiento de búfer en la función PyCArg_repr en el archivo _ctypes/callproc.c, que puede conllevar a una ejecución de código remota en determina... • https://bugs.python.org/issue42938 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.9EPSS: 4%CPEs: 3EXPL: 0CVE-2020-29396
https://notcve.org/view.php?id=CVE-2020-29396
22 Dec 2020 — A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation. Un problema del sandboxing en Odoo Community versiones 11.0 hasta 13.0 y Odoo Enterprise versiones 11.0 hasta 13.0, cuando se ejecuta con Python versiones 3.6 o posteriores, permite a usuarios autenticados remotos ejecutar código arbitrario, conllevando a una escalada de privilegios • https://github.com/odoo/odoo/issues/63712 • CWE-267: Privilege Defined With Unsafe Actions •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26244 – Cryptographic issues in Python oic
https://notcve.org/view.php?id=CVE-2020-26244
02 Dec 2020 — Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issues are: 1) The IdToken signature algorithm was not checked automatically, but only if the expected algorithm was passed in as a kwarg. 2) JWA `none` algorithm was allowed in all flows. 3) oic.consumer.Consumer.parse_authz returns an unverified IdToken. The verification of the token was left to the discretion of... • https://github.com/OpenIDC/pyoidc/commit/62f8d753fa17c8b1f29f8be639cf0b33afb02498 • CWE-325: Missing Cryptographic Step CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-25658 – python-rsa: bleichenbacher timing oracle attack against RSA decryption
https://notcve.org/view.php?id=CVE-2020-25658
12 Nov 2020 — It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA. Se detectó que python-rsa es vulnerable a los ataques de sincronización de tipo Bleichenbacher. Un atacante puede utilizar este fallo por medio de la API de descifrado RSA para descifrar partes del texto cifrado con RSA A flaw was found in python-rsa, where it is vulnerable to Bleichenbacher timing attacks. This fla... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-385: Covert Timing Channel •