CRITICAL 9.8
CVE-2017-1000158
EN CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
3.6%
percentile 87.9%
Apps suivies affectées
Configurations CPE vulnérables
| Vendor | Produit | Plateforme | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| python | python | Windows | <2.7.15 | cpe:2.3:a:python:python:*:*:*:*:*:*:*:* |
| python | python | Windows | ≥3.4.0 <3.4.8 | cpe:2.3:a:python:python:*:*:*:*:*:*:*:* |
| python | python | Windows | ≥3.5.0 <3.5.5 | cpe:2.3:a:python:python:*:*:*:*:*:*:*:* |