Vulnerabilities > Python > Python > 1.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-17 | CVE-2017-1000158 | Integer Overflow or Wraparound vulnerability in multiple products CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution) | 9.8 |
2016-09-02 | CVE-2016-5699 | HTTP Response Splitting vulnerability in Python CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. | 6.1 |
2008-08-01 | CVE-2008-3142 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | 7.5 |
2008-04-18 | CVE-2008-1887 | Classic Buffer Overflow vulnerability in multiple products Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. | 9.3 |