CVE-2020-27619

Published: 22/10/2020 Updated: 03/02/2024
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

In Python 3 up to and including 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.

Vulnerable Product

python python

fedoraproject fedora 33

fedoraproject fedora 34

oracle communications cloud native core network function cloud native environment 22.2.0

Vendor Advisories

Python could be made to execute arbitrary code or denial of service if it received a specially crafted input ...
In Python3's Lib/test/multibytecodec_support.py, CJK codec tests call eval() on content retrieved via HTTP (CVE-2020-27619). The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolo ...
The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1, when the CRYPTPROTECTMEMORY_SAME_LOGON o ...
A flaw was found in Python. The built-in modules httplib and http.client (included in Python 2 and Python 3, respectively) do not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation to the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and int ...
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP ...