rhsa-2021_3252
Vulnerability from csaf_redhat
Published
2021-08-24 13:06
Modified
2024-11-05 23:52
Summary
Red Hat Security Advisory: python27 security update
Notes
Topic
An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)
* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)
* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)
* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)
* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)
* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)
* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional information
* Changes in the default separator for the Python urllib parsing functions
To mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (&) and semicolon (;) to only an ampersand.
The change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer’s application has been affected by the change.
For more information, see the Knowledgebase article "Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)" linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional information\n\n* Changes in the default separator for the Python urllib parsing functions\n\nTo mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (\u0026) and semicolon (;) to only an ampersand.\n\nThe change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer\u2019s application has been affected by the change.\n\nFor more information, see the Knowledgebase article \"Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)\" linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:3252", "url": "https://access.redhat.com/errata/RHSA-2021:3252" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/articles/5860431", "url": "https://access.redhat.com/articles/5860431" }, { "category": "external", "summary": "1889886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886" }, { "category": "external", "summary": "1918168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168" }, { "category": "external", "summary": "1922136", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136" }, { "category": "external", "summary": "1928707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928707" }, { "category": "external", "summary": "1928904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904" }, { "category": "external", "summary": "1940603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603" }, { "category": "external", "summary": "1955615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3252.json" } ], "title": "Red Hat Security Advisory: python27 security update", "tracking": { "current_release_date": "2024-11-05T23:52:28+00:00", "generator": { "date": "2024-11-05T23:52:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2021:3252", "initial_release_date": "2021-08-24T13:06:56+00:00", "revision_history": [ { "date": "2021-08-24T13:06:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-08-24T13:06:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T23:52:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "python27-python-pygments-0:1.5-5.el7.src", "product": { "name": "python27-python-pygments-0:1.5-5.el7.src", "product_id": "python27-python-pygments-0:1.5-5.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=src" } } }, { "category": "product_version", "name": "python27-python-0:2.7.18-3.el7.src", "product": { "name": "python27-python-0:2.7.18-3.el7.src", "product_id": "python27-python-0:2.7.18-3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=src" } } }, { "category": "product_version", "name": "python27-python-jinja2-0:2.6-16.el7.src", "product": { "name": "python27-python-jinja2-0:2.6-16.el7.src", "product_id": "python27-python-jinja2-0:2.6-16.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=src" } } }, { "category": "product_version", "name": "python27-babel-0:0.9.6-10.el7.src", "product": { "name": "python27-babel-0:0.9.6-10.el7.src", "product_id": "python27-babel-0:0.9.6-10.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python27-python-pygments-0:1.5-5.el7.noarch", "product": { "name": "python27-python-pygments-0:1.5-5.el7.noarch", "product_id": "python27-python-pygments-0:1.5-5.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=noarch" } } }, { "category": "product_version", "name": "python27-python-jinja2-0:2.6-16.el7.noarch", "product": { "name": "python27-python-jinja2-0:2.6-16.el7.noarch", "product_id": "python27-python-jinja2-0:2.6-16.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=noarch" } } }, { "category": "product_version", "name": "python27-babel-0:0.9.6-10.el7.noarch", "product": { "name": "python27-babel-0:0.9.6-10.el7.noarch", "product_id": "python27-babel-0:0.9.6-10.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=noarch" } } }, { "category": "product_version", "name": "python27-python-babel-0:0.9.6-10.el7.noarch", "product": { "name": "python27-python-babel-0:0.9.6-10.el7.noarch", "product_id": "python27-python-babel-0:0.9.6-10.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-babel@0.9.6-10.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "python27-python-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-python-0:2.7.18-3.el7.x86_64", "product_id": "python27-python-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "python27-python-debug-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-python-debug-0:2.7.18-3.el7.x86_64", "product_id": "python27-python-debug-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "python27-python-devel-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-python-devel-0:2.7.18-3.el7.x86_64", "product_id": "python27-python-devel-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "python27-python-libs-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-python-libs-0:2.7.18-3.el7.x86_64", "product_id": "python27-python-libs-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "python27-python-test-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-python-test-0:2.7.18-3.el7.x86_64", "product_id": "python27-python-test-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "python27-python-tools-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-python-tools-0:2.7.18-3.el7.x86_64", "product_id": "python27-python-tools-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "python27-tkinter-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-tkinter-0:2.7.18-3.el7.x86_64", "product_id": "python27-tkinter-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "product": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "product_id": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "python27-python-0:2.7.18-3.el7.s390x", "product": { "name": "python27-python-0:2.7.18-3.el7.s390x", "product_id": "python27-python-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "python27-python-debug-0:2.7.18-3.el7.s390x", "product": { "name": "python27-python-debug-0:2.7.18-3.el7.s390x", "product_id": "python27-python-debug-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "python27-python-devel-0:2.7.18-3.el7.s390x", "product": { "name": "python27-python-devel-0:2.7.18-3.el7.s390x", "product_id": "python27-python-devel-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "python27-python-libs-0:2.7.18-3.el7.s390x", "product": { "name": "python27-python-libs-0:2.7.18-3.el7.s390x", "product_id": "python27-python-libs-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "python27-python-test-0:2.7.18-3.el7.s390x", "product": { "name": "python27-python-test-0:2.7.18-3.el7.s390x", "product_id": "python27-python-test-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "python27-python-tools-0:2.7.18-3.el7.s390x", "product": { "name": "python27-python-tools-0:2.7.18-3.el7.s390x", "product_id": "python27-python-tools-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "python27-tkinter-0:2.7.18-3.el7.s390x", "product": { "name": "python27-tkinter-0:2.7.18-3.el7.s390x", "product_id": "python27-tkinter-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x", "product": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x", "product_id": "python27-python-debuginfo-0:2.7.18-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "python27-python-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-python-0:2.7.18-3.el7.ppc64le", "product_id": "python27-python-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "python27-python-debug-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-python-debug-0:2.7.18-3.el7.ppc64le", "product_id": "python27-python-debug-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "python27-python-devel-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-python-devel-0:2.7.18-3.el7.ppc64le", "product_id": "python27-python-devel-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "python27-python-libs-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-python-libs-0:2.7.18-3.el7.ppc64le", "product_id": "python27-python-libs-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "python27-python-test-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-python-test-0:2.7.18-3.el7.ppc64le", "product_id": "python27-python-test-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "python27-python-tools-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-python-tools-0:2.7.18-3.el7.ppc64le", "product_id": "python27-python-tools-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "python27-tkinter-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-tkinter-0:2.7.18-3.el7.ppc64le", "product_id": "python27-tkinter-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "product": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "product_id": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch" }, "product_reference": "python27-babel-0:0.9.6-10.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src" }, "product_reference": "python27-babel-0:0.9.6-10.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src" }, "product_reference": "python27-python-0:2.7.18-3.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch" }, "product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch" }, "product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src" }, "product_reference": "python27-python-jinja2-0:2.6-16.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch" }, "product_reference": "python27-python-pygments-0:1.5-5.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src" }, "product_reference": "python27-python-pygments-0:1.5-5.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch" }, "product_reference": "python27-babel-0:0.9.6-10.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src" }, "product_reference": "python27-babel-0:0.9.6-10.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src" }, "product_reference": "python27-python-0:2.7.18-3.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch" }, "product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch" }, "product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src" }, "product_reference": "python27-python-jinja2-0:2.6-16.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch" }, "product_reference": "python27-python-pygments-0:1.5-5.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src" }, "product_reference": "python27-python-pygments-0:1.5-5.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch" }, "product_reference": "python27-babel-0:0.9.6-10.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src" }, "product_reference": "python27-babel-0:0.9.6-10.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src" }, "product_reference": "python27-python-0:2.7.18-3.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch" }, "product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch" }, "product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src" }, "product_reference": "python27-python-jinja2-0:2.6-16.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch" }, "product_reference": "python27-python-pygments-0:1.5-5.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src" }, "product_reference": "python27-python-pygments-0:1.5-5.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" }, "product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-27619", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2020-10-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1889886" } ], "notes": [ { "category": "description", "text": "In Python3\u0027s Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite", "title": "Vulnerability summary" }, { "category": "other", "text": "As of Red Hat Quay 3.4 the python runtime will be consumed from RHEL. Currently releases up to 3.3 won\u0027t get fixes for this moderate issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27619" }, { "category": "external", "summary": "RHBZ#1889886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27619", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27619" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619" } ], "release_date": "2020-10-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" }, { "category": "workaround", "details": "In versions of Python shipped with Red Hat Enterprise Linux and Red Hat Software Collections, the flaw can be mitigated by not running the python tests with network resources enabled. By default, the tests are not run with network resources enabled. Ensure that `-u network` or `-uall` are not passed as options to `python -m test`. For more information on how these commands work, see [1].\n\n1. https://docs.python.org/3/library/test.html", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite" }, { "cve": "CVE-2020-28493", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-02-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928707" } ], "notes": [ { "category": "description", "text": "A flaw was found in python-jinja2. The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9._-]+.[a-zA-Z0-9._-]+. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-jinja2: ReDoS vulnerability in the urlize filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for the following products:\n\n* Red Hat Enterprise Linux 6\n* Red Hat Enterprise Linux 7\n* Red Hat Ceph Storage 2\n\nTo learn more about Red Hat Enterprise Linux support scopes, please see https://access.redhat.com/support/policy/updates/errata/\n\nIn Red Hat OpenStack Platform, because python-jinja2 is not directly customer exposed, the Impact has been moved to Low and no updated will be provided at this time for the RHOSP python-jinja2 package.\n\nRed Hat Quay does not make use of the vulnerable function, so the impact is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28493" }, { "category": "external", "summary": "RHBZ#1928707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28493", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28493" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28493", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28493" } ], "release_date": "2021-02-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" }, { "category": "workaround", "details": "If using the jinja2 library as a developer, this flaw can be mitigated by not using the vulnerable urlize() filter, and instead, using Markdown to format user content.", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-jinja2: ReDoS vulnerability in the urlize filter" }, { "cve": "CVE-2021-3177", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2021-01-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1918168" } ], "notes": [ { "category": "description", "text": "A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack and crash the application. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw could have had a higher Impact, however our packages are compiled with FORTIFY_SOURCE, which provides runtime protection to some memory and string functions and prevents this flaw from actually overwriting the buffer and potentially executing code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3177" }, { "category": "external", "summary": "RHBZ#1918168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3177", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3177" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177" } ], "release_date": "2021-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c" }, { "cve": "CVE-2021-20095", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-04-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1955615" } ], "notes": [ { "category": "description", "text": "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code", "title": "Vulnerability summary" }, { "category": "other", "text": "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-20095" }, { "category": "external", "summary": "RHBZ#1955615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20095", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20095" }, { "category": "external", "summary": "https://www.tenable.com/security/research/tra-2021-14", "url": "https://www.tenable.com/security/research/tra-2021-14" } ], "release_date": "2021-04-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code" }, { "cve": "CVE-2021-20270", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1922136" } ], "notes": [ { "category": "description", "text": "An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pygments: Infinite loop in SML lexer may lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform 3.11, the vulnerable version of python-pygments is embedded in the google-cloud-sdk package, which is shipped in the openshift-ansible container (aos3-installation-container). As the access to the openshift-ansible container is restricted only to cluster administrators, this component is affected but with a Low impact. The google-cloud-sdk package was shipped in OpenShift Container Platform 4.1, which is End of Life.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-20270" }, { "category": "external", "summary": "RHBZ#1922136", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20270", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20270" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270" } ], "release_date": "2020-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-pygments: Infinite loop in SML lexer may lead to DoS" }, { "cve": "CVE-2021-23336", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-02-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928904" } ], "notes": [ { "category": "description", "text": "The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "The python36 component in the python36:3.6 module in Red Hat Enterprise Linux 8 is listed as not affected, as it does not contain Python interpreter or libraries. Packages of the python36 component only provide convenient links to the Python interpreter included in the non-modular python3 component\u0027s platform-python packages. Users of python36:3.6 module also need to check the entry for the python3 component to determine if their systems are affected.\n\nRed Hat Ceph Storage (RHCS) 3 ships an older version of python-django without the directly affected function, but which is still vulnerable to a similar attack involving the semi colon separator. Hence, impact has been rated as Low.\n\nAlthough Red Hat OpenStack Platform 13 \u0026 16.1 both ship the affected code, since the proxy is controlled and configured by OpenStack, the impact has been lowered to Low. As a fix would require a substantial effort or commitment of time, no fix will be provided at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23336" }, { "category": "external", "summary": "RHBZ#1928904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23336", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23336" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933", "url": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933" } ], "release_date": "2021-02-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters" }, { "cve": "CVE-2021-27291", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1940603" } ], "notes": [ { "category": "description", "text": "A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denying access to the service.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pygments: ReDoS in multiple lexers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27291" }, { "category": "external", "summary": "RHBZ#1940603", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27291", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27291" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291" } ], "release_date": "2021-01-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-pygments: ReDoS in multiple lexers" }, { "cve": "CVE-2021-42771", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-04-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1955615" } ], "notes": [ { "category": "description", "text": "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code", "title": "Vulnerability summary" }, { "category": "other", "text": "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-42771" }, { "category": "external", "summary": "RHBZ#1955615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-42771", "url": "https://www.cve.org/CVERecord?id=CVE-2021-42771" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42771", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42771" }, { "category": "external", "summary": "https://www.tenable.com/security/research/tra-2021-14", "url": "https://www.tenable.com/security/research/tra-2021-14" } ], "release_date": "2021-04-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-24T13:06:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3252" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src", "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch", "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x", "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.