python
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Next generation of the python high-level scripting language |
| Version | 3.9.2-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1465 | 3.9.1-2 | 3.9.2-1 | Medium | Fixed | |
| AVG-977 | 3.7.2-1 | 3.7.3-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-23336 | AVG-1465 | Medium | Yes | Url request injection | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable... |
| CVE-2021-3177 | AVG-1465 | Medium | No | Arbitrary code execution | Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications... |
| CVE-2019-9636 | AVG-977 | High | Yes | Information disclosure | Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization.... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 27 Feb 2021 | ASA-202102-37 | AVG-1465 | Medium | multiple issues |
| 18 Jun 2019 | ASA-201906-17 | AVG-977 | High | information disclosure |