AVG-1597 log

Package python2
Status Vulnerable
Severity Medium
Type multiple issues
Affected 2.7.18-2
Fixed Unknown
Current 2.7.18-2 [extra]
Ticket FS#68063
Created Sat Feb 20 00:10:34 2021
Issue Severity Remote Type Description
CVE-2021-23336 Medium Yes Url request injection
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable...
CVE-2021-3177 Medium No Arbitrary code execution
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications...
CVE-2020-26116 Medium Yes Url request injection
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the...
CVE-2020-8492 Low Yes Denial of service
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular...
CVE-2019-20907 Low No Denial of service
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because...
Notes
Python 2 has reached its end of life, so these issues are not going to be fixed.