| Max CVSS | 7.5 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-1000802 | 7.5 |
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service
|
09-03-2023 - 19:15 | 18-09-2018 - 17:29 | |
| CVE-2018-1060 | 5.0 |
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
|
28-07-2022 - 11:31 | 18-06-2018 - 14:29 | |
| CVE-2018-1000030 | 3.3 |
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The
|
24-08-2020 - 17:37 | 08-02-2018 - 17:29 | |
| CVE-2018-14647 | 5.0 |
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions
|
29-07-2020 - 12:15 | 25-09-2018 - 00:29 | |
| CVE-2018-1061 | 5.0 |
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
|
03-10-2019 - 00:03 | 19-06-2018 - 12:29 |