Debian Pypy3 vulnerabilities

62 known vulnerabilities affecting debian/pypy3.

Total CVEs: 62
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 19, MEDIUM 26, LOW 12

Vulnerabilities

Page 3 of 4
CVE-2023-27043 | MEDIUM | CVSS 5.3 | fixed in pypy3 7.3.11+dfsg-2+deb12u3 (bookworm) | 2023 | Source: debian
[MEDIUM] pypy3 - The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g.
CVE-2023-40217 | MEDIUM | CVSS 5.3 | fixed in pypy3 7.3.11+dfsg-2+deb12u2 (bookworm) | 2023 | Source: debian
[MEDIUM] pypy3 - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance wi
CVE-2022-37454 | CRITICAL | CVSS 9.8 | fixed in php7.4 7.4.33-1+deb11u1 (bullseye) | 2022 | Source: debian
[CRITICAL] php7.4 - The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. Scope: local. bullseye: resolved (fixed in 7.4.33-1+deb11u1)
CVE-2022-48565 | CRITICAL | CVSS 9.8 | fixed in pypy3 7.3.5+dfsg-2 (bookworm) | 2022 | Source: debian
[CRITICAL] pypy3 - An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. Scope: local. bookworm: resolved (fixed in 7.3.5+dfsg-2); bullseye: resolved (fixed in 7.3.5+dfsg-2); forky: resolved (fixed in 7.3.5+dfsg-2); sid: resolved (fixed in 7.3.5+dfsg-2); trixie:
CVE-2022-45061 | HIGH | CVSS 7.5 | fixed in pypy3 7.3.11+dfsg-1 (bookworm) | 2022 | Source: debian
[HIGH] pypy3 - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor;
CVE-2022-42919 | HIGH | CVSS 7.8 | fixed in pypy3 7.3.11+dfsg-1 (bookworm) | 2022 | Source: debian
[HIGH] pypy3 - Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the sam
CVE-2022-0391 | HIGH | CVSS 7.5 | fixed in pypy3 7.3.6+dfsg-1 (bookworm) | 2022 | Source: debian
[HIGH] pypy3 - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw a
CVE-2022-48564 | MEDIUM | CVSS 6.5 | fixed in pypy3 7.3.5+dfsg-2 (bookworm) | 2022 | Source: debian
[MEDIUM] pypy3 - read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. Scope: local. bookworm: resolved (fixed in 7.3.5+dfsg-2); bullseye: resolved (fixed in 7.3.5+dfsg-2); forky: resolved (fixed in 7.3.5+dfsg-2); sid: resolved (fixed in 7.3.5+dfsg-2); trixi
CVE-2022-48566 | MEDIUM | CVSS 5.9 | fixed in pypy3 7.3.5+dfsg-2 (bookworm) | 2022 | Source: debian
[MEDIUM] pypy3 - An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest. Scope: local. bookworm: resolved (fixed in 7.3.5+dfsg-2); bullseye: resolved (fixed in 7.3.5+dfsg-2); forky: resolved (fixed in 7.3.5+dfsg-2); sid: resolved (fixed in 7.3.5+dfsg-2); trixi
CVE-2021-29921 | CRITICAL | CVSS 9.8 | fixed in pypy3 7.3.8+dfsg-1 (bookworm) | 2021 | Source: debian
[CRITICAL] pypy3 - In Python before 3.9.5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. Scope: local. bookworm: resolved (fixed in 7.3.8+dfsg-1); bullseye: resolved; forky: resolved (fixed in 7.3.8+dfsg-1); sid: resolved (fixed in 7.3.8+df
CVE-2021-3737 | HIGH | CVSS 7.5 | fixed in pypy3 7.3.8+dfsg-1 (bookworm) | 2021 | Source: debian
[HIGH] pypy3 - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. Scope: local. bookworm: resolved (fixed in 7.3.8+dfsg-1); bullseye: resolved
CVE-2021-3733 | MEDIUM | CVSS 6.5 | fixed in pypy3 7.3.5+dfsg-2 (bookworm) | 2021 | Source: debian
[MEDIUM] pypy3 - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw pos
CVE-2021-4189 | MEDIUM | CVSS 5.3 | fixed in pypy3 7.3.5+dfsg-2 (bookworm) | 2021 | Source: debian
[MEDIUM] pypy3 - A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead
CVE-2021-23336 | MEDIUM | CVSS 5.9 | fixed in pypy3 7.3.3+dfsg-3 (bookworm) | 2021 | Source: debian
[MEDIUM] pypy3 - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a diff
CVE-2021-3426 | MEDIUM | CVSS 5.7 | fixed in pypy3 7.3.3+dfsg-4 (bookworm) | 2021 | Source: debian
[MEDIUM] pypy3 - There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw
CVE-2021-28861 | LOW | CVSS 7.4 | fixed in pypy3 7.3.10+dfsg-1 (bookworm) | 2021 | Source: debian
[HIGH] pypy3 - Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may lead to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements b
CVE-2020-27619 | CRITICAL | CVSS 9.8 | fixed in pypy3 7.3.5+dfsg-2 (bookworm) | 2020 | Source: debian
[CRITICAL] pypy3 - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. Scope: local. bookworm: resolved (fixed in 7.3.5+dfsg-2); bullseye: resolved (fixed in 7.3.5+dfsg-2); forky: resolved (fixed in 7.3.5+dfsg-2); sid: resolved (fixed in 7.3.5+dfsg-2); trixie: resolved (fixed in 7.3.5+dfsg-2)
CVE-2020-29651 | HIGH | CVSS 7.5 | fixed in pypy3 7.3.5+dfsg-2+deb11u4 (bullseye) | 2020 | Source: debian
[HIGH] pypy3 - A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. Scope: local. bullseye: resolved (fixed in 7.3.5+dfsg-2+deb11u4)
CVE-2020-26116 | HIGH | CVSS 7.2 | fixed in pypy3 7.3.3+dfsg-1 (bookworm) | 2020 | Source: debian
[HIGH] pypy3 - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. Scope: local. bookworm: resolved (fixed in 7.3.3+dfsg-1); bullseye: resolved (fixed in 7
CVE-2020-10735 | HIGH | CVSS 7.5 | fixed in pypy3 7.3.10+dfsg-1 (bookworm) | 2020 | Source: debian
[HIGH] pypy3 - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to sys
Debian Pypy3 vulnerabilities | cvebase