python39-core (SUSE:Linux Enterprise Module for Development Tools 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Development Tools 15 SP3 package python39-core, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2021-29921 — CVSS 9.8 (critical): In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some…
CVE-2022-42919 — CVSS 7.8 (high): Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python…
CVE-2015-20107 — CVSS 7.6 (high): In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap…
CVE-2022-45061 — CVSS 7.5 (high): An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the…
CVE-2020-10735 — CVSS 7.5 (high): A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could…
CVE-2021-3737 — CVSS 7.5 (high): A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls…
CVE-2021-28861 — CVSS 7.4 (high): Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the…
CVE-2021-3733 — CVSS 6.5 (medium): There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as…
CVE-2021-3572 — CVSS 5.7 (medium): A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue…