Search CVE reports

21 – 28 of 28 results

Detailed view

Sort by:

CVE-2010-3492

Negligible priority

Ignored

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the...

4 affected packages

python3.2, python2.6, python2.7, python3.1

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python3.2	—	—	—	—
python2.6	—	—	—	—
python2.7	—	—	—	—
python3.1	—	—	—	—

CVE-2010-2089

Low priority

Some fixes available 4 of 11

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application...

6 affected packages

python3.1, python2.4, python2.5, python2.6, python2.7, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python3.1	—	—	—	—
python2.4	—	—	—	—
python2.5	—	—	—	—
python2.6	—	—	—	—
python2.7	—	—	—	—
python3.2	—	—	—	—

CVE-2010-1634

Low priority

Some fixes available 4 of 11

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python2.4	—	—	—	—
python2.5	—	—	—	—
python2.6	—	—	—	—
python2.7	—	—	—	—
python3.1	—	—	—	—
python3.2	—	—	—	—

CVE-2009-3720

Low priority

Some fixes available 81 of 535

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML...

41 affected packages

apache2, apr-util, expat, cmake, celementtree...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected
expat	Fixed	Fixed	Fixed	Fixed
cmake	Not affected	Not affected	Not affected	Not affected
celementtree	Not in release	Not in release	Not in release	Not in release
paraview	Not affected	Not affected	Not affected	Not affected
vnc4	Not in release	Not in release	Not in release	Not affected
poco	Not affected	Not affected	Not affected	Not affected
kompozer	Not in release	Not in release	Not in release	Not in release
cadaver	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ayttm	Not in release	Not in release	Not in release	Not in release
audacity	Not affected	Not affected	Not affected	Not affected
matanza	Ignored	Ignored	Ignored	Ignored
libxmltok	Not affected	Not affected	Not affected	Not affected
smart	Not in release	Not in release	Not in release	Not affected
texlive-bin	Not affected	Not affected	Not affected	Not affected
wxwidgets2.8	Not in release	Not in release	Not in release	Not in release
tla	Not affected	Not affected	Not affected	Not affected
libparagui1.1	Not in release	Not in release	Not in release	Not in release
sitecopy	Not in release	Not affected	Not affected	Not affected
wbxml2	Not affected	Not affected	Not affected	Not affected
xulrunner	Not in release	Not in release	Not in release	Not in release
insighttoolkit	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	Not in release	Not in release	Not in release	Not in release
cableswig	Not in release	Not in release	Not in release	Not in release
gdcm	Not affected	Not affected	Not affected	Not affected
grmonitor	Not in release	Not in release	Not in release	Not in release
tdom	Not affected	Not affected	Not affected	Not affected
vtk	Not in release	Not in release	Not in release	Not in release
coin3	Vulnerable	Vulnerable	Vulnerable	Vulnerable
swish-e	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
python-xml	Not in release	Not in release	Not in release	Not in release
python2.4	Not in release	Not in release	Not in release	Not in release
python2.5	Not in release	Not in release	Not in release	Not in release
python2.6	Not in release	Not in release	Not in release	Not in release
w3c-libwww	Not in release	Not in release	Not in release	Not in release
wxwidgets2.6	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	Fixed	Fixed	Fixed	Fixed
xotcl	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected
simgear	Not affected	Not affected	Not affected	Not affected

CVE-2009-3560

Medium priority

Some fixes available 81 of 503

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed...

41 affected packages

vtk, apache2, python-xml, paraview, poco...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vtk	Not in release	Not in release	Not in release	Not in release
apache2	Not affected	Not affected	Not affected	Not affected
python-xml	Not in release	Not in release	Not in release	Not in release
paraview	Not affected	Not affected	Not affected	Not affected
poco	Not affected	Not affected	Not affected	Not affected
libparagui1.1	Not in release	Not in release	Not in release	Not in release
insighttoolkit	Not in release	Not in release	Not in release	Not in release
ayttm	Not in release	Not in release	Not in release	Not in release
audacity	Not affected	Not affected	Not affected	Not affected
smart	Not in release	Not in release	Not in release	Not affected
libxmltok	Not affected	Not affected	Not affected	Not affected
matanza	Ignored	Ignored	Ignored	Ignored
swish-e	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
cableswig	Not in release	Not in release	Not in release	Not in release
coin3	Not affected	Not affected	Not affected	Vulnerable
apr-util	Not affected	Not affected	Not affected	Not affected
cadaver	Not affected	Not affected	Not affected	Not affected
celementtree	Not in release	Not in release	Not in release	Not in release
cmake	Not affected	Not affected	Not affected	Not affected
expat	Fixed	Fixed	Fixed	Fixed
gdcm	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected
grmonitor	Not in release	Not in release	Not in release	Not in release
kompozer	Not in release	Not in release	Not in release	Not in release
python2.4	Not in release	Not in release	Not in release	Not in release
python2.5	Not in release	Not in release	Not in release	Not in release
python2.6	Not in release	Not in release	Not in release	Not in release
simgear	Not affected	Not affected	Not affected	Not affected
sitecopy	Not in release	Not affected	Not affected	Not affected
tdom	Not affected	Not affected	Not affected	Not affected
texlive-bin	Not affected	Not affected	Not affected	Not affected
tla	Not affected	Not affected	Not affected	Not affected
vnc4	Not in release	Not in release	Not in release	Not affected
w3c-libwww	Not in release	Not in release	Not in release	Not in release
wbxml2	Not affected	Not affected	Not affected	Not affected
wxwidgets2.6	Not in release	Not in release	Not in release	Not in release
wxwidgets2.8	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	Fixed	Fixed	Fixed	Fixed
xotcl	Not affected	Not affected	Not affected	Not affected
xulrunner	Not in release	Not in release	Not in release	Not in release

CVE-2008-5983

Low priority

Some fixes available 4 of 14

Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python2.4	—	—	—	—
python2.5	—	—	—	—
python2.6	—	—	—	—
python2.7	—	—	—	—
python3.1	—	—	—	—
python3.2	—	—	—	—

CVE-2008-4108

Negligible priority

Ignored

Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common...

3 affected packages

python2.4, python2.5, python2.6

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python2.4	—	—	—	—
python2.5	—	—	—	—
python2.6	—	—	—	—

CVE-2007-4559

Medium priority

Some fixes available 2 of 28

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR...

16 affected packages

python2.3, python2.4, python2.5, python2.6, python3.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
python2.3	—	—	—	—
python2.4	—	—	—	—
python2.5	—	—	—	—
python2.6	—	—	—	—
python3.0	—	—	—	—
python3.1	—	—	—	—
python2.7	—	Ignored	Not in release	Ignored
python3.4	—	Not in release	Not in release	Not in release
python3.5	—	Not in release	Not in release	Not in release
python3.6	—	Not in release	Not in release	Ignored
python3.7	—	Not in release	Not in release	Ignored
python3.8	—	Not in release	Ignored	Ignored
python3.9	—	Not in release	Not in release	Not in release
python3.10	—	Fixed	Not in release	Not in release
python3.11	—	Ignored	Not in release	Not in release
python3.12	—	Not in release	Not in release	Not in release

Export to JSON

Results by page: