rhsa-2021_3252
Vulnerability from csaf_redhat
Published
2021-08-24 13:06
Modified
2024-09-18 05:24
Summary
Red Hat Security Advisory: python27 security update
Notes
Topic
An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)
* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)
* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)
* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)
* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)
* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)
* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional information
* Changes in the default separator for the Python urllib parsing functions
To mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (&) and semicolon (;) to only an ampersand.
The change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer’s application has been affected by the change.
For more information, see the Knowledgebase article "Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)" linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional information\n\n* Changes in the default separator for the Python urllib parsing functions\n\nTo mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (\u0026) and semicolon (;) to only an ampersand.\n\nThe change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer\u2019s application has been affected by the change.\n\nFor more information, see the Knowledgebase article \"Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)\" linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3252",
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/5860431",
"url": "https://access.redhat.com/articles/5860431"
},
{
"category": "external",
"summary": "1889886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886"
},
{
"category": "external",
"summary": "1918168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168"
},
{
"category": "external",
"summary": "1922136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136"
},
{
"category": "external",
"summary": "1928707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928707"
},
{
"category": "external",
"summary": "1928904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904"
},
{
"category": "external",
"summary": "1940603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603"
},
{
"category": "external",
"summary": "1955615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_3252.json"
}
],
"title": "Red Hat Security Advisory: python27 security update",
"tracking": {
"current_release_date": "2024-09-18T05:24:51+00:00",
"generator": {
"date": "2024-09-18T05:24:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:3252",
"initial_release_date": "2021-08-24T13:06:56+00:00",
"revision_history": [
{
"date": "2021-08-24T13:06:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-24T13:06:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T05:24:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-pygments-0:1.5-5.el7.src",
"product": {
"name": "python27-python-pygments-0:1.5-5.el7.src",
"product_id": "python27-python-pygments-0:1.5-5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.src",
"product": {
"name": "python27-python-0:2.7.18-3.el7.src",
"product_id": "python27-python-0:2.7.18-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-python-jinja2-0:2.6-16.el7.src",
"product": {
"name": "python27-python-jinja2-0:2.6-16.el7.src",
"product_id": "python27-python-jinja2-0:2.6-16.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-babel-0:0.9.6-10.el7.src",
"product": {
"name": "python27-babel-0:0.9.6-10.el7.src",
"product_id": "python27-babel-0:0.9.6-10.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-pygments-0:1.5-5.el7.noarch",
"product": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch",
"product_id": "python27-python-pygments-0:1.5-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python27-python-jinja2-0:2.6-16.el7.noarch",
"product": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch",
"product_id": "python27-python-jinja2-0:2.6-16.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python27-babel-0:0.9.6-10.el7.noarch",
"product": {
"name": "python27-babel-0:0.9.6-10.el7.noarch",
"product_id": "python27-babel-0:0.9.6-10.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python27-python-babel-0:0.9.6-10.el7.noarch",
"product": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch",
"product_id": "python27-python-babel-0:0.9.6-10.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-babel@0.9.6-10.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-test-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-test-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"product_id": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-debug-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-debug-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-devel-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-devel-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-libs-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-libs-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-test-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-test-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-tools-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-tools-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-tkinter-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x",
"product_id": "python27-tkinter-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src"
},
"product_reference": "python27-python-0:2.7.18-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src"
},
"product_reference": "python27-python-0:2.7.18-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src"
},
"product_reference": "python27-python-0:2.7.18-3.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27619",
"cwe": {
"id": "CWE-95",
"name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)"
},
"discovery_date": "2020-10-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1889886"
}
],
"notes": [
{
"category": "description",
"text": "In Python3\u0027s Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As of Red Hat Quay 3.4 the python runtime will be consumed from RHEL. Currently releases up to 3.3 won\u0027t get fixes for this moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27619"
},
{
"category": "external",
"summary": "RHBZ#1889886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619"
}
],
"release_date": "2020-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
},
{
"category": "workaround",
"details": "In versions of Python shipped with Red Hat Enterprise Linux and Red Hat Software Collections, the flaw can be mitigated by not running the python tests with network resources enabled. By default, the tests are not run with network resources enabled. Ensure that `-u network` or `-uall` are not passed as options to `python -m test`. For more information on how these commands work, see [1].\n\n1. https://docs.python.org/3/library/test.html",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite"
},
{
"cve": "CVE-2020-28493",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1928707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-jinja2. The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9._-]+.[a-zA-Z0-9._-]+. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-jinja2: ReDoS vulnerability in the urlize filter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for the following products:\n\n* Red Hat Enterprise Linux 6\n* Red Hat Enterprise Linux 7\n* Red Hat Ceph Storage 2\n\nTo learn more about Red Hat Enterprise Linux support scopes, please see https://access.redhat.com/support/policy/updates/errata/\n\nIn Red Hat OpenStack Platform, because python-jinja2 is not directly customer exposed, the Impact has been moved to Low and no updated will be provided at this time for the RHOSP python-jinja2 package.\n\nRed Hat Quay does not make use of the vulnerable function, so the impact is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28493"
},
{
"category": "external",
"summary": "RHBZ#1928707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28493"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28493",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28493"
}
],
"release_date": "2021-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
},
{
"category": "workaround",
"details": "If using the jinja2 library as a developer, this flaw can be mitigated by not using the vulnerable urlize() filter, and instead, using Markdown to format user content.",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-jinja2: ReDoS vulnerability in the urlize filter"
},
{
"cve": "CVE-2021-3177",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2021-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1918168"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack and crash the application. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw could have had a higher Impact, however our packages are compiled with FORTIFY_SOURCE, which provides runtime protection to some memory and string functions and prevents this flaw from actually overwriting the buffer and potentially executing code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3177"
},
{
"category": "external",
"summary": "RHBZ#1918168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177"
}
],
"release_date": "2021-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c"
},
{
"cve": "CVE-2021-20095",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-04-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20095"
},
{
"category": "external",
"summary": "RHBZ#1955615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20095",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20095"
},
{
"category": "external",
"summary": "https://www.tenable.com/security/research/tra-2021-14",
"url": "https://www.tenable.com/security/research/tra-2021-14"
}
],
"release_date": "2021-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code"
},
{
"cve": "CVE-2021-20270",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1922136"
}
],
"notes": [
{
"category": "description",
"text": "An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pygments: Infinite loop in SML lexer may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform 3.11, the vulnerable version of python-pygments is embedded in the google-cloud-sdk package, which is shipped in the openshift-ansible container (aos3-installation-container). As the access to the openshift-ansible container is restricted only to cluster administrators, this component is affected but with a Low impact. The google-cloud-sdk package was shipped in OpenShift Container Platform 4.1, which is End of Life.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20270"
},
{
"category": "external",
"summary": "RHBZ#1922136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20270",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20270"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270"
}
],
"release_date": "2020-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-pygments: Infinite loop in SML lexer may lead to DoS"
},
{
"cve": "CVE-2021-23336",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1928904"
}
],
"notes": [
{
"category": "description",
"text": "The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The python36 component in the python36:3.6 module in Red Hat Enterprise Linux 8 is listed as not affected, as it does not contain Python interpreter or libraries. Packages of the python36 component only provide convenient links to the Python interpreter included in the non-modular python3 component\u0027s platform-python packages. Users of python36:3.6 module also need to check the entry for the python3 component to determine if their systems are affected.\n\nRed Hat Ceph Storage (RHCS) 3 ships an older version of python-django without the directly affected function, but which is still vulnerable to a similar attack involving the semi colon separator. Hence, impact has been rated as Low.\n\nAlthough Red Hat OpenStack Platform 13 \u0026 16.1 both ship the affected code, since the proxy is controlled and configured by OpenStack, the impact has been lowered to Low. As a fix would require a substantial effort or commitment of time, no fix will be provided at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23336"
},
{
"category": "external",
"summary": "RHBZ#1928904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933",
"url": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933"
}
],
"release_date": "2021-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters"
},
{
"cve": "CVE-2021-27291",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940603"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denying access to the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pygments: ReDoS in multiple lexers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27291"
},
{
"category": "external",
"summary": "RHBZ#1940603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291"
}
],
"release_date": "2021-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-pygments: ReDoS in multiple lexers"
},
{
"cve": "CVE-2021-42771",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-04-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42771"
},
{
"category": "external",
"summary": "RHBZ#1955615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42771"
},
{
"category": "external",
"summary": "https://www.tenable.com/security/research/tra-2021-14",
"url": "https://www.tenable.com/security/research/tra-2021-14"
}
],
"release_date": "2021-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code"
}
]
}
Loading...