WEB APPLICATION VULNERABILITIES Standard & Premium

Python CVE-2020-27619 Vulnerability (CVE-2020-27619)

Description

In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.

Remediation

References

Related Vulnerabilities

WordPress Plugin PICA Photo Gallery 'picaPhotosResize.php' Arbitrary File Upload (1.0)

Undertow Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7816)

WordPress Plugin WPBakery Page Builder Cross-Site Scripting (6.4.0)

WordPress Plugin Fancy Comments WordPress Cross-Site Scripting (1.2.10)

WordPress Plugin Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)

Severity

Critical

Classification

CVE-2020-27619 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities