| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-4616 | 4.3 |
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decod
|
13-07-2022 - 15:04 | 24-08-2017 - 20:29 | |
| CVE-2014-4650 | 7.5 |
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended
|
27-06-2022 - 16:20 | 20-02-2020 - 17:15 | |
| CVE-2013-1753 | 5.0 |
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.
|
21-10-2020 - 17:44 | 11-03-2020 - 17:15 | |
| CVE-2014-7185 | 6.4 |
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
|
25-10-2019 - 11:53 | 08-10-2014 - 17:55 | |
| CVE-2014-1912 | 7.5 |
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
|
25-10-2019 - 11:53 | 01-03-2014 - 00:55 | |
| CVE-2013-1752 | 5.0 |
** REJECT ** Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib
|
03-06-2019 - 20:15 | 03-06-2019 - 20:15 |