Python Software Foundation

python_software_foundation

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-4108 1Python Software Foundation 1Python Apr 23, 2026 Sep 18, 2008 N/A· v4 N/A· v3 7.2 HIGH· v2 Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be c...Show more Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directory.Show less
CVE-2008-0299 1Python Software Foundation 1Paramiko Apr 23, 2026 Jan 16, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of...Show more common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.Show less
CVE-2007-1657 1Python Software Foundation 1Python Apr 23, 2026 Mar 24, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument.