Search CVE reports


Toggle filters

681 – 690 of 809 results


CVE-2013-7338

Low priority
Ignored

Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3)...

6 affected packages

python2.6, python2.7, python3.1, python3.2, python3.3, python3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python2.6
python2.7
python3.1
python3.2
python3.3
python3.4
Show less packages

CVE-2014-0474

Medium priority
Fixed

The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion,...

1 affected package

python-django

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django
Show less packages

CVE-2014-0473

Medium priority
Fixed

The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached CSRF token for all anonymous users, which allows remote attackers to bypass CSRF protections by...

1 affected package

python-django

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django
Show less packages

CVE-2014-0472

Medium priority
Fixed

The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view...

1 affected package

python-django

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django
Show less packages

CVE-2014-0105

Low priority
Ignored

The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain...

2 affected packages

keystone, python-keystoneclient

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
keystone
python-keystoneclient
Show less packages

CVE-2014-1933

Medium priority
Fixed

The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to...

2 affected packages

pillow, python-imaging

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pillow
python-imaging
Show less packages

CVE-2014-1932

Medium priority
Fixed

The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and...

2 affected packages

pillow, python-imaging

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pillow
python-imaging
Show less packages

CVE-2014-1912

Medium priority

Some fixes available 8 of 9

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.

6 affected packages

python2.6, python2.7, python3.1, python3.2, python3.3, python3.4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python2.6
python2.7
python3.1
python3.2
python3.3
python3.4
Show less packages

CVE-2013-6396

Low priority
Ignored

The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...

1 affected package

python-swiftclient

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-swiftclient
Show less packages

CVE-2014-1624

Low priority

Some fixes available 2 of 13

Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then...

1 affected package

pyxdg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pyxdg Not affected
Show less packages