CVE-2013-1752

Published: 03/06/2019 Updated: 07/11/2023

Vulnerability Summary

Rejected reason: Various versions of Python do not properly restrict readline calls, which allows remote malicious users to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 "Independently Fixable" in the CVE Counting Decisions.
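One way to restrict a readline call as the summary describes, shown next to the unrestricted call; this is an added example, not code from CPython or from this page. `MAX_LINE`, `LineTooLong`, `CountingStream` and the sample response are constructed for the illustration.

```python
import io

MAX_LINE = 65536  # assumed cap for this example; pick a value suited to the protocol


class LineTooLong(Exception):
    """Raised when the peer sends a single line longer than the cap."""


class CountingStream(io.BytesIO):
    """Constructed stand-in for a socket file object; records the largest line returned."""

    largest_read = 0

    def readline(self, size=-1):
        line = super().readline(size)
        self.largest_read = max(self.largest_read, len(line))
        return line


def read_line_unbounded(fp):
    # Unrestricted pattern: buffers until newline or EOF, however long the peer makes the line.
    return fp.readline()


def read_line_bounded(fp, max_line=MAX_LINE):
    # Request one byte more than the cap so "exactly at the cap" and "over it" differ.
    line = fp.readline(max_line + 1)
    if len(line) > max_line:
        raise LineTooLong("got more than %d bytes in one line" % max_line)
    return line


def demo():
    # Constructed server response: a normal greeting, then a 1 MiB line with no newline.
    response = b"220 mail.example.test ESMTP\r\n" + b"A" * (1024 * 1024)
    unbounded = CountingStream(response)
    read_line_unbounded(unbounded)
    read_line_unbounded(unbounded)
    bounded = CountingStream(response)
    greeting = read_line_bounded(bounded)
    rejected = False
    try:
        read_line_bounded(bounded)
    except LineTooLong:
        rejected = True
    return greeting, unbounded.largest_read, bounded.largest_read, rejected


if __name__ == "__main__":
    print(demo())
```

The bounded reader never holds more than `max_line + 1` bytes of a single line, so a caller can close the connection on `LineTooLong` instead of growing without limit.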

Vendor Advisories

Several security issues were fixed in Python ...
Debian Bug report logs - #742927 python3.4: CVE-2013-1753 Package: src:python3.4; Maintainer for src:python3.4 is Matthias Klose <doko@debian.org>; Reported by: Michael Gilbert <mgilbert@debian.org> Date: Sat, 29 Mar 2014 01:57:02 UTC Severity: important Tags: help, security Found in version python3.4/3.4.0-1 Fixed ...
Debian Bug report logs - #921040 python2.7: CVE-2019-5010: NULL pointer dereference using a specially crafted X509 certificate Package: python2.7; Maintainer for python2.7 is Matthias Klose <doko@debian.org>; Source for python2.7 is src:python2.7 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debian.org> ...
Debian Bug report logs - #921039 CVE-2018-14647 Package: python2.7; Maintainer for python2.7 is Matthias Klose <doko@debian.org>; Source for python2.7 is src:python2.7 (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Thu, 31 Jan 2019 23:36:02 UTC Severity: grave Tags: security, upstream ...
It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory (CVE-2013-1752). The ssl.match_hostname function in the SSL modul ...
It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory (CVE-2013-1752). It was discovered that the Python xmlrpclib did n ...
An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control those arguments could use this flaw to disclose portions of the application memory or cause it to crash. It was discovered that multiple Python standard library modules implementing network protocols (such as httpli ...