CVE-2015-20107 — Command Injection in Python

CWE-77 — Command Injection CWE-20 — Improper Input Validation12 documents8 sources

Severity

7.6HIGHNVD

EPSS

0.9%

top 24.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Python Debian Pypy3 Debian Python2.7 +5 more

Timeline

PublishedApr 13

Latest updateJul 11

Description

In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:LExploitability: 2.8 | Impact: 4.7

Affected Packages7 packages

▶NVDpython/python3.10.0 — 3.10.8+3

▶debiandebian/python2.7< pypy3 7.3.11+dfsg-1 (bookworm)

▶debiandebian/python3.9< pypy3 7.3.11+dfsg-1 (bookworm)

▶msrcmsrc/cm1_python3_3.7.13-4_on_cbl_mariner_1.0

▶msrcmsrc/cbl2_python3_3.9.13-5_on_cbl_mariner_2.0

Also affects: Fedora 35, 36, 37

Patches

Patch: python-security.readthedocs.io ↗Patch: python-security.readthedocs.io ↗

🔴Vulnerability Details

OSV

python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12 vulnerabilities↗2024-07-11

▶

OSV

python3.9 vulnerabilities↗2023-02-27

▶

GHSA

GHSA-wvcr-2gc8-63gg: In Python (aka CPython) through 3↗2022-04-14

▶

OSV

CVE-2015-20107: In Python (aka CPython) up to 3↗2022-04-13

▶

📋Vendor Advisories

Ubuntu

Python vulnerabilities↗2024-07-11

▶

CISA ICS

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1↗2023-12-14

▶

Ubuntu

Python vulnerabilities↗2023-02-27

▶

Ubuntu

Python vulnerability↗2022-07-14

▶

Microsoft

In Python (aka CPython) up to 3.10.8 the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into appli↗2022-04-12

▶