- Snyk ID SNYK-DEBIAN9-PYTHON27-306461
- published 17 Nov 2017
- disclosed 17 Nov 2017
How to fix?
Upgrade Debian:9 python2.7 to version 2.7.13-2+deb9u2 or higher.
Note: Versions mentioned in the description apply only to the upstream python2.7 package and not the python2.7 package as distributed by Debian. See How to fix? for Debian:9 relevant fixed versions and status.
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in a heap-based buffer overflow (and possible arbitrary code execution).
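The bug class named above (a length computation that overflows before a heap allocation), shown beside its hardened form. This is an added example, not CPython's code: the expansion factor of 4, the `recode` flag and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Illustrative model only, not CPython source. Assumption: the decoder may
 * emit up to EXPAND output bytes per input byte when re-encoding, so it
 * sizes its heap buffer as EXPAND * len. size_t is used here so that the
 * wrap-around is well defined and can be shown safely. */
#define EXPAND 4u

/* Flawed sizing: the product wraps when len > SIZE_MAX / EXPAND, giving a
 * buffer far smaller than what the decode loop will later write. */
size_t buffer_size_unchecked(size_t len, int recode)
{
    return recode ? EXPAND * len : len;
}

/* Hardened sizing: reject any length whose product is not representable.
 * Returns 0 and stores the size on success, -1 on overflow. */
int buffer_size_checked(size_t len, int recode, size_t *out)
{
    if (recode && len > SIZE_MAX / EXPAND)
        return -1;
    *out = recode ? EXPAND * len : len;
    return 0;
}

/* Allocation wrapper a decoder would call before writing any output. */
char *alloc_decode_buffer(size_t len, int recode)
{
    size_t n;
    if (buffer_size_checked(len, recode, &n) != 0)
        return NULL;            /* caller reports "input too large" */
    return malloc(n ? n : 1);
}

int main(void)
{
    size_t huge = SIZE_MAX / EXPAND + 2;   /* constructed oversized length */
    printf("unchecked size for len=%zu: %zu bytes\n",
           huge, buffer_size_unchecked(huge, 1));
    printf("checked alloc: %s\n",
           alloc_decode_buffer(huge, 1) ? "allocated" : "rejected");
    return 0;
}
```

The check has to run before the multiplication; testing the product afterwards is too late because the wrapped value looks like a valid small size.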