Lucene search
GoogleOSV:PSF-2022-1HistoryApr 13, 2022 - 12:00 a.m.
mailcap shell command injection
2022-04-1300:00:00
Google
osv.dev
5
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
References
Related
debiancve
debiancve
CVE-2015-20107
2022-04-13 16:15:08
fedora
fedora
[SECURITY] Fedora 36 Update: python3.9-3.9.13-2.fc36
2022-06-19 00:38:30
[SECURITY] Fedora 36 Update: pypy-7.3.9-2.fc36
2022-07-08 01:17:57
[SECURITY] Fedora 35 Update: pypy3.9-7.3.9-2.3.9.fc35
2022-07-08 01:38:07
nessus
nessus
SUSE SLES12 Security Update : python3 (SUSE-SU-2022:2166-1)
2022-06-24 00:00:00
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2022-1978)
2022-07-08 00:00:00
SUSE SLED15 / SLES15 Security Update : python310 (SUSE-SU-2022:2291-1)
2022-07-08 00:00:00
ubuntu
ubuntu
Python vulnerability
2022-07-14 00:00:00
oraclelinux
oraclelinux
python39:3.9 and python39-devel:3.9 security update
2022-11-15 00:00:00
python38:3.8 and python38-devel:3.8 security update
2022-11-15 00:00:00
python27:2.7 security update
2022-11-15 00:00:00
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution due to CVE-2015-20107
2022-12-01 16:39:02
cbl_mariner
cbl_mariner
CVE-2015-20107 affecting package python3 3.7.13-3
2022-10-13 00:40:13
CVE-2015-20107 affecting package python2 2.7.18-10
2022-10-13 00:40:13
CVE-2015-20107 affecting package python3 for versions less than 3.9.13-5
2022-09-16 06:05:37
osv
osv
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-11-08 06:23:36
Moderate: python27:2.7 security update
2022-11-08 00:00:00
Moderate: python27:2.7 security update
2022-11-08 06:23:47
openvas
openvas
openSUSE: Security Advisory for python3 (SUSE-SU-2022:2357-2)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1587)
2023-03-23 00:00:00
Fedora: Security Advisory for pypy3.9 (FEDORA-2022-dbe9a8f9ac)
2022-07-09 00:00:00
nvd
nvd
CVE-2015-20107
2022-04-13 16:15:08
cvelist
cvelist
CVE-2015-20107
2022-04-13 00:00:00
rocky
rocky
python27:2.7 security update
2022-11-08 06:23:47
python39:3.9 and python39-devel:3.9 security update
2022-11-08 06:23:46
python38:3.8 and python38-devel:3.8 security update
2022-11-08 06:23:36
redos
redos
ROS-20230915-15
2023-09-15 00:00:00
redhat
redhat
(RHSA-2022:7593) Moderate: python27:2.7 security update
2022-11-08 06:23:47
suse
suse
Security update for python310 (important)
2022-07-06 00:00:00
Security update for python3 (important)
2022-07-12 00:00:00
Security update for python (important)
2022-07-08 00:00:00
veracode
veracode
Command Injection
2022-07-15 16:59:03
almalinux
almalinux
Moderate: python39:3.9 and python39-devel:3.9 security update
2022-11-08 00:00:00
Moderate: python27:2.7 security update
2022-11-08 00:00:00
Moderate: python38:3.8 and python38-devel:3.8 security update
2022-11-08 00:00:00
alpinelinux
alpinelinux
CVE-2015-20107
2022-04-13 16:15:08
prion
prion
Input validation
2022-04-13 16:15:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0213
2022-07-15 00:00:00
Critical Photon OS Security Update - PHSA-2022-0524
2022-09-29 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0213
2022-07-15 00:00:00
cve
cve
CVE-2015-20107
2022-04-13 16:15:08
ubuntucve
ubuntucve
CVE-2015-20107
2022-04-13 00:00:00
cloudfoundry
cloudfoundry
USN-5519-1: Python vulnerability | Cloud Foundry
2022-08-26 00:00:00
mageia
mageia
Updated python packages fix security vulnerability
2022-10-13 23:05:19
Updated python3 packages fix security vulnerability
2022-10-08 23:22:22