exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2021-3177

Status Candidate

Overview

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

Related Files

Red Hat Security Advisory 2022-6252-02
Posted Sep 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-26137, CVE-2021-3177, CVE-2021-39226, CVE-2021-46784, CVE-2022-1271, CVE-2022-1552, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21540, CVE-2022-21541, CVE-2022-2526, CVE-2022-29154
SHA-256 | 3579463a99c4e63010aef250904c7f9f1b1b3fbe1da0e14d8bd0f44d9140902f
Red Hat Security Advisory 2022-6271-01
Posted Sep 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6271-01 - This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-26137, CVE-2021-3177, CVE-2021-40528, CVE-2022-1012, CVE-2022-1292, CVE-2022-1586, CVE-2022-1729, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-1966, CVE-2022-2068, CVE-2022-2097
SHA-256 | 6c172a31e754dec0944ca87e07fccfbf06a5a7e87ead7ebccdee11d2b8bc7849
Red Hat Security Advisory 2022-5235-01
Posted Jun 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5235-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow and crlf injection vulnerabilities.

tags | advisory, overflow, vulnerability, python
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-26137, CVE-2021-3177
SHA-256 | b7cf311816b24778179b2d7f8f51e10f3b7284ae038b85d1ea00d7e79f6d8689
Ubuntu Security Notice USN-4754-5
Posted Feb 8, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4754-5 - USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177 in Ubuntu 14.04 ESM. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2021-3177
SHA-256 | 9e8d8ce75e1b0efee0c9fad596fdf37e5d67da5cb097f2e4e4915445223eec1a
Red Hat Security Advisory 2021-3254-01
Posted Aug 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3254-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, cross site scripting, denial of service, information leakage, integer overflow, and traversal vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2020-25659, CVE-2020-27619, CVE-2020-27783, CVE-2020-28493, CVE-2020-36242, CVE-2021-20095, CVE-2021-23336, CVE-2021-28957, CVE-2021-29921, CVE-2021-3177, CVE-2021-33503, CVE-2021-3426, CVE-2021-3572
SHA-256 | f49b54d77f89082e96a8e69fc49612163d813deff1eacac5d74e788baf88efbf
Red Hat Security Advisory 2021-3252-01
Posted Aug 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3252-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, denial of service, and traversal vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2020-27619, CVE-2020-28493, CVE-2021-20095, CVE-2021-20270, CVE-2021-23336, CVE-2021-27291, CVE-2021-3177
SHA-256 | 05d8615e2ff62f71aec723a17e396003df102bd5b199b067ca9160421e948fe6
Red Hat Security Advisory 2021-1879-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1879-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, crlf injection, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-27783, CVE-2021-3177
SHA-256 | 2109b430ba8a08fd747988c6175202b8cfe6305a10d9b9edaebcf76925d3424d
Red Hat Security Advisory 2021-1633-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1633-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow and crlf injection vulnerabilities.

tags | advisory, overflow, vulnerability, python
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-27619, CVE-2021-23336, CVE-2021-3177
SHA-256 | 77f031fb8c03890f2934f6440758be90e94ff9fb4367c2fe3507b9060baae44c
Red Hat Security Advisory 2021-1761-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1761-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include buffer overflow, crlf injection, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2020-26116, CVE-2020-26137, CVE-2020-27783, CVE-2021-3177
SHA-256 | e7c31e13f1fc9bc7fe6d3671e7bc033c0369125a20d45153aa444e9f7c64db8a
Ubuntu Security Notice USN-4754-4
Posted Mar 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4754-4 - USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2021-3177
SHA-256 | bc3acac12b136e0af59a62c7352ee23636a40fb0ac5f05a05d8b63d93f602b2b
Gentoo Linux Security Advisory 202101-18
Posted Jan 25, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-18 - Multiple vulnerabilities have been found in Python, the worst of which could result in the arbitrary execution of code. Versions less than 2.7.18-r6:2.7 are affected.

tags | advisory, arbitrary, vulnerability, python
systems | linux, gentoo
advisories | CVE-2020-26116, CVE-2021-3177
SHA-256 | 9578a9d0cb15ff763a3edfd7d48c68aa6ccf79ebf8c12ef6a8f43cc834f10a97
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close