Home

CVE-2018-20852

Description

http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
1.697

Associated Vulnerability

VulnerabilityOS Platform
An interactive high-level object-oriented language (USN-4127-1) python2.7_2.7.16-2ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7_2.7.16-2ubuntu0.1_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7_2.7.12-1ubuntu0~16.04.8_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7_2.7.12-1ubuntu0~16.04.8_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7_2.7.15-4ubuntu4~18.04.1_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7_2.7.15-4ubuntu4~18.04.1_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.5_3.5.2-2ubuntu0~16.04.8_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.5_3.5.2-2ubuntu0~16.04.8_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.6_3.6.8-1~18.04.2_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.6_3.6.8-1~18.04.2_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.7_3.7.3-2ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.7_3.7.3-2ubuntu0.1_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7-minimal_2.7.16-2ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7-minimal_2.7.16-2ubuntu0.1_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7-minimal_2.7.12-1ubuntu0~16.04.8_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7-minimal_2.7.12-1ubuntu0~16.04.8_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7-minimal_2.7.15-4ubuntu4~18.04.1_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python2.7-minimal_2.7.15-4ubuntu4~18.04.1_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.5-minimal_3.5.2-2ubuntu0~16.04.8_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.5-minimal_3.5.2-2ubuntu0~16.04.8_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.6-minimal_3.6.8-1~18.04.2_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.6-minimal_3.6.8-1~18.04.2_amd64.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.7-minimal_3.7.3-2ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-4127-1) python3.7-minimal_3.7.3-2ubuntu0.1_amd64.debLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) libpython3_4m1_0-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) libpython3_4m1_0-debuginfo-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) libpython3_4m1_0-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-base-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) libpython3_4m1_0-debuginfo-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-base-debuginfo-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-base-debugsource-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-curses-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-curses-debuginfo-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-debuginfo-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Server 12-SP4 ) python3-debugsource-3.4.6-25.34.2.x86_64.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-base-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-base-debuginfo-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-base-debugsource-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-curses-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-curses-debuginfo-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-debuginfo-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2019:2798-1(SUSE Linux Enterprise Desktop 12-SP4 ) python3-debugsource-3.4.6-25.34.2.x86_64_SP4.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) libpython3_6m1_0-3.6.10-4.3.5.x86_64.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) libpython3_6m1_0-debuginfo-3.6.10-4.3.5.x86_64.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) python36-3.6.10-4.3.5.x86_64.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) python36-base-3.6.10-4.3.5.x86_64.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) python36-base-debuginfo-3.6.10-4.3.5.x86_64.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) python36-base-debugsource-3.6.10-4.3.5.x86_64.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) python36-debuginfo-3.6.10-4.3.5.x86_64.rpmLinux
SUSE-SU-2020:0302-1(SUSE Linux Enterprise Server 12-SP5 ) python36-debugsource-3.6.10-4.3.5.x86_64.rpmLinux
(RHSA-2020:1131) python security update python-2.7.5-88.el7.x86_64.rpmLinux
(RHSA-2020:1131) python security update python-debug-2.7.5-88.el7.x86_64.rpmLinux
(RHSA-2020:1131) python security update python-devel-2.7.5-88.el7.x86_64.rpmLinux
(RHSA-2020:1131) python security update python-libs-2.7.5-88.el7.i686.rpmLinux
(RHSA-2020:1131) python security update python-libs-2.7.5-88.el7.x86_64.rpmLinux
(RHSA-2020:1131) python security update python-test-2.7.5-88.el7.x86_64.rpmLinux
(RHSA-2020:1131) python security update python-tools-2.7.5-88.el7.x86_64.rpmLinux
(RHSA-2020:1131) python security update tkinter-2.7.5-88.el7.x86_64.rpmLinux
(RHSA-2020:1132) python3 security update python3-3.6.8-13.el7.i686.rpmLinux
(RHSA-2020:1132) python3 security update python3-3.6.8-13.el7.x86_64.rpmLinux
(RHSA-2020:1132) python3 security update python3-debug-3.6.8-13.el7.i686.rpmLinux
(RHSA-2020:1132) python3 security update python3-debug-3.6.8-13.el7.x86_64.rpmLinux
(RHSA-2020:1132) python3 security update python3-devel-3.6.8-13.el7.i686.rpmLinux
(RHSA-2020:1132) python3 security update python3-devel-3.6.8-13.el7.x86_64.rpmLinux
(RHSA-2020:1132) python3 security update python3-idle-3.6.8-13.el7.i686.rpmLinux
(RHSA-2020:1132) python3 security update python3-idle-3.6.8-13.el7.x86_64.rpmLinux
(RHSA-2020:1132) python3 security update python3-libs-3.6.8-13.el7.i686.rpmLinux
(RHSA-2020:1132) python3 security update python3-libs-3.6.8-13.el7.x86_64.rpmLinux
(RHSA-2020:1132) python3 security update python3-test-3.6.8-13.el7.i686.rpmLinux
(RHSA-2020:1132) python3 security update python3-test-3.6.8-13.el7.x86_64.rpmLinux
(RHSA-2020:1132) python3 security update python3-tkinter-3.6.8-13.el7.i686.rpmLinux
(RHSA-2020:1132) python3 security update python3-tkinter-3.6.8-13.el7.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update babel-2.5.1-9.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python-nose-docs-1.3.7-30.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python-sqlalchemy-doc-1.3.2-1.module+el8.1.0+2994+98e054d6.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-babel-2.5.1-9.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-backports-ssl_match_hostname-3.5.0.1-11.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-debug-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-debugsource-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-devel-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-docs-info-2.7.16-2.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-idna-2.5-7.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-jinja2-2.10-8.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-libs-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-nose-1.3.7-30.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-numpy-doc-1.14.2-13.module+el8.1.0+3323+7ac3e00f.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pip-9.0.3-16.module+el8.2.0+5478+b505947e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pip-wheel-9.0.3-16.module+el8.2.0+5478+b505947e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pygments-2.2.0-20.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-requests-2.20.0-3.module+el8.2.0+4577+feefd9b8.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-setuptools-39.0.1-11.module+el8.1.0+3446+c3d52da3.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-setuptools-wheel-39.0.1-11.module+el8.1.0+3446+c3d52da3.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-six-1.11.0-5.module+el8.1.0+3111+de3f2d8e.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-test-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-tkinter-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-tools-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-virtualenv-15.1.0-19.module+el8.1.0+3507+d69c168d.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-wheel-0.31.1-2.module+el8.1.0+3725+aac5cd17.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update python2-wheel-wheel-0.31.1-2.module+el8.1.0+3725+aac5cd17.noarch.rpmLinux
(RHSA-2020:1605) python27:2.7 security, bug fix, and enhancement update scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f.x86_64.rpmLinux
(CESA-2020:1131) python security update python-2.7.5-88.el7.x86_64.rpmLinux
(CESA-2020:1131) python security update python-debug-2.7.5-88.el7.x86_64.rpmLinux
(CESA-2020:1131) python security update python-devel-2.7.5-88.el7.x86_64.rpmLinux
(CESA-2020:1131) python security update python-libs-2.7.5-88.el7.x86_64.rpmLinux
(CESA-2020:1131) python security update python-test-2.7.5-88.el7.x86_64.rpmLinux
(CESA-2020:1131) python security update python-tools-2.7.5-88.el7.x86_64.rpmLinux
(CESA-2020:1131) python security update tkinter-2.7.5-88.el7.x86_64.rpmLinux
(CESA-2020:1132) python3 security update python3-3.6.8-13.el7.x86_64.rpmLinux
(CESA-2020:1132) python3 security update python3-debug-3.6.8-13.el7.x86_64.rpmLinux
(CESA-2020:1132) python3 security update python3-devel-3.6.8-13.el7.x86_64.rpmLinux
(CESA-2020:1132) python3 security update python3-idle-3.6.8-13.el7.x86_64.rpmLinux
(CESA-2020:1132) python3 security update python3-libs-3.6.8-13.el7.x86_64.rpmLinux
(CESA-2020:1132) python3 security update python3-test-3.6.8-13.el7.x86_64.rpmLinux
(CESA-2020:1132) python3 security update python3-tkinter-3.6.8-13.el7.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) libpython2_7-1_0-2.7.13-28.31.1.x86_64_12_SP5.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) libpython2_7-1_0-32bit-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) libpython2_7-1_0-debuginfo-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) libpython2_7-1_0-debuginfo-32bit-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-32bit-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-base-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-base-32bit-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-base-debuginfo-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-base-debuginfo-32bit-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-base-debugsource-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-curses-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-curses-debuginfo-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-debuginfo-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-debuginfo-32bit-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-debugsource-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-demo-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-doc-2.7.13-28.31.2.noarch.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-doc-pdf-2.7.13-28.31.2.noarch.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-gdbm-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-gdbm-debuginfo-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-idle-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-tk-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-tk-debuginfo-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-xml-2.7.13-28.31.1.x86_64.rpmLinux
SUSE-SU-2019:2091-1(SUSE Linux Enterprise Server 12-SP5) python-xml-debuginfo-2.7.13-28.31.1.x86_64.rpmLinux
An interactive high-level object-oriented language (USN-6891-1) python3.10_3.10.12-1~22.04.4_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.10_3.10.12-1~22.04.4_i386.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.10-minimal_3.10.12-1~22.04.4_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.10-minimal_3.10.12-1~22.04.4_i386.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.11_3.11.6-3ubuntu0.1_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.11_3.11.6-3ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.11-minimal_3.11.6-3ubuntu0.1_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.11-minimal_3.11.6-3ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.12_3.12.0-1ubuntu0.1_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.12_3.12.0-1ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.12-minimal_3.12.0-1ubuntu0.1_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.12-minimal_3.12.0-1ubuntu0.1_i386.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.8_3.8.10-0ubuntu1~20.04.10_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.8_3.8.10-0ubuntu1~20.04.10_i386.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.8-minimal_3.8.10-0ubuntu1~20.04.10_amd64.debLinux
An interactive high-level object-oriented language (USN-6891-1) python3.8-minimal_3.8.10-0ubuntu1~20.04.10_i386.debLinux
Improper Input Validation Vulnerability (CVE-2018-20852)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234