Search Results (Refine Search)
- CPE Product Version: cpe:/a:python:python:3.7.0:beta1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1061 |
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. Published: June 19, 2018; 8:29:00 AM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-1000117 |
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5. Published: March 07, 2018; 9:29:00 AM -0500 |
V3.1: 6.7 MEDIUM V2.0: 7.2 HIGH |