CVE-2020-27619 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1597	python2	2.7.18-2	2.7.18-3	High	Fixed	FS#68063

Date	Advisory	Group	Package	Severity	Type
25 Mar 2021	ASA-202103-27	AVG-1597	python2	High	multiple issues

References
https://python-security.readthedocs.io/vuln/cjk-codec-download-eval.html https://bugs.python.org/issue41944 https://github.com/python/cpython/pull/22575 https://github.com/python/cpython/commit/b664a1df4ee71d3760ab937653b10997081b1794

References

https://python-security.readthedocs.io/vuln/cjk-codec-download-eval.html
https://bugs.python.org/issue41944
https://github.com/python/cpython/pull/22575
https://github.com/python/cpython/commit/b664a1df4ee71d3760ab937653b10997081b1794