rhsa-2021:3252
Vulnerability from csaf_redhat
Published
2021-08-24 13:06
Modified
2025-08-04 03:01
Summary
Red Hat Security Advisory: python27 security update
Notes
Topic
An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)
* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)
* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)
* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)
* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)
* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)
* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional information
* Changes in the default separator for the Python urllib parsing functions
To mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (&) and semicolon (;) to only an ampersand.
The change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer’s application has been affected by the change.
For more information, see the Knowledgebase article "Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)" linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python27-babel, python27-python, python27-python-jinja2, and python27-python-pygments is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python-jinja2: ReDoS vulnerability due to the sub-pattern (CVE-2020-28493)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095)\n\n* python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\n* python-pygments: ReDoS via crafted malicious input (CVE-2021-27291)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional information\n\n* Changes in the default separator for the Python urllib parsing functions\n\nTo mitigate the Web Cache Poisoning CVE-2021-23336 in the Python urllib library, the default separator for the urllib.parse.parse_qsl and urllib.parse.parse_qs functions is being changed from both ampersand (\u0026) and semicolon (;) to only an ampersand.\n\nThe change of the default separator is potentially backwards incompatible, therefore Red Hat provides a way to configure the behavior in Python packages where the default separator has been changed. In addition, the affected urllib parsing functions issue a warning if they detect that a customer\u2019s application has been affected by the change.\n\nFor more information, see the Knowledgebase article \"Mitigation of Web Cache Poisoning in the Python urllib library (CVE-2021-23336)\" linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3252",
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/5860431",
"url": "https://access.redhat.com/articles/5860431"
},
{
"category": "external",
"summary": "1889886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886"
},
{
"category": "external",
"summary": "1918168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168"
},
{
"category": "external",
"summary": "1922136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136"
},
{
"category": "external",
"summary": "1928707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928707"
},
{
"category": "external",
"summary": "1928904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904"
},
{
"category": "external",
"summary": "1940603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603"
},
{
"category": "external",
"summary": "1955615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3252.json"
}
],
"title": "Red Hat Security Advisory: python27 security update",
"tracking": {
"current_release_date": "2025-08-04T03:01:02+00:00",
"generator": {
"date": "2025-08-04T03:01:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2021:3252",
"initial_release_date": "2021-08-24T13:06:56+00:00",
"revision_history": [
{
"date": "2021-08-24T13:06:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-08-24T13:06:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T03:01:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-pygments-0:1.5-5.el7.src",
"product": {
"name": "python27-python-pygments-0:1.5-5.el7.src",
"product_id": "python27-python-pygments-0:1.5-5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.src",
"product": {
"name": "python27-python-0:2.7.18-3.el7.src",
"product_id": "python27-python-0:2.7.18-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-python-jinja2-0:2.6-16.el7.src",
"product": {
"name": "python27-python-jinja2-0:2.6-16.el7.src",
"product_id": "python27-python-jinja2-0:2.6-16.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "python27-babel-0:0.9.6-10.el7.src",
"product": {
"name": "python27-babel-0:0.9.6-10.el7.src",
"product_id": "python27-babel-0:0.9.6-10.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-pygments-0:1.5-5.el7.noarch",
"product": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch",
"product_id": "python27-python-pygments-0:1.5-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-pygments@1.5-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python27-python-jinja2-0:2.6-16.el7.noarch",
"product": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch",
"product_id": "python27-python-jinja2-0:2.6-16.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-jinja2@2.6-16.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python27-babel-0:0.9.6-10.el7.noarch",
"product": {
"name": "python27-babel-0:0.9.6-10.el7.noarch",
"product_id": "python27-babel-0:0.9.6-10.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-babel@0.9.6-10.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python27-python-babel-0:0.9.6-10.el7.noarch",
"product": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch",
"product_id": "python27-python-babel-0:0.9.6-10.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-babel@0.9.6-10.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-test-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-test-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"product_id": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"product": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"product_id": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-debug-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-debug-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-devel-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-devel-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-libs-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-libs-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-test-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-test-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-tools-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-tools-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-tkinter-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x",
"product_id": "python27-tkinter-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"product": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"product_id": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python27-python-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debug@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-devel@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-libs@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-test@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-tools@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-tkinter@2.7.18-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"product": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"product_id": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python27-python-debuginfo@2.7.18-3.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src"
},
"product_reference": "python27-python-0:2.7.18-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)",
"product_id": "7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src"
},
"product_reference": "python27-python-0:2.7.18-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-babel-0:0.9.6-10.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src"
},
"product_reference": "python27-babel-0:0.9.6-10.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src"
},
"product_reference": "python27-python-0:2.7.18-3.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-babel-0:0.9.6-10.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch"
},
"product_reference": "python27-python-babel-0:0.9.6-10.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debug-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debug-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-devel-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-devel-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-jinja2-0:2.6-16.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src"
},
"product_reference": "python27-python-jinja2-0:2.6-16.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-libs-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-libs-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-pygments-0:1.5-5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src"
},
"product_reference": "python27-python-pygments-0:1.5-5.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-test-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-test-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-python-tools-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-python-tools-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python27-tkinter-0:2.7.18-3.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
},
"product_reference": "python27-tkinter-0:2.7.18-3.el7.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27619",
"cwe": {
"id": "CWE-95",
"name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)"
},
"discovery_date": "2020-10-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1889886"
}
],
"notes": [
{
"category": "description",
"text": "In Python3\u0027s Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As of Red Hat Quay 3.4 the python runtime will be consumed from RHEL. Currently releases up to 3.3 won\u0027t get fixes for this moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27619"
},
{
"category": "external",
"summary": "RHBZ#1889886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619"
}
],
"release_date": "2020-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
},
{
"category": "workaround",
"details": "In versions of Python shipped with Red Hat Enterprise Linux and Red Hat Software Collections, the flaw can be mitigated by not running the python tests with network resources enabled. By default, the tests are not run with network resources enabled. Ensure that `-u network` or `-uall` are not passed as options to `python -m test`. For more information on how these commands work, see [1].\n\n1. https://docs.python.org/3/library/test.html",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite"
},
{
"cve": "CVE-2020-28493",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1928707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-jinja2. The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9._-]+.[a-zA-Z0-9._-]+. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-jinja2: ReDoS vulnerability in the urlize filter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for the following products:\n\n* Red Hat Enterprise Linux 6\n* Red Hat Enterprise Linux 7\n* Red Hat Ceph Storage 2\n\nTo learn more about Red Hat Enterprise Linux support scopes, please see https://access.redhat.com/support/policy/updates/errata/\n\nIn Red Hat OpenStack Platform, because python-jinja2 is not directly customer exposed, the Impact has been moved to Low and no updated will be provided at this time for the RHOSP python-jinja2 package.\n\nRed Hat Quay does not make use of the vulnerable function, so the impact is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28493"
},
{
"category": "external",
"summary": "RHBZ#1928707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28493"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28493",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28493"
}
],
"release_date": "2021-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
},
{
"category": "workaround",
"details": "If using the jinja2 library as a developer, this flaw can be mitigated by not using the vulnerable urlize() filter, and instead, using Markdown to format user content.",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-jinja2: ReDoS vulnerability in the urlize filter"
},
{
"cve": "CVE-2021-3177",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2021-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1918168"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack and crash the application. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw could have had a higher Impact, however our packages are compiled with FORTIFY_SOURCE, which provides runtime protection to some memory and string functions and prevents this flaw from actually overwriting the buffer and potentially executing code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3177"
},
{
"category": "external",
"summary": "RHBZ#1918168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177"
}
],
"release_date": "2021-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c"
},
{
"cve": "CVE-2021-20095",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-04-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20095"
},
{
"category": "external",
"summary": "RHBZ#1955615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20095",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20095"
},
{
"category": "external",
"summary": "https://www.tenable.com/security/research/tra-2021-14",
"url": "https://www.tenable.com/security/research/tra-2021-14"
}
],
"release_date": "2021-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code"
},
{
"cve": "CVE-2021-20270",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2021-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1922136"
}
],
"notes": [
{
"category": "description",
"text": "An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pygments: Infinite loop in SML lexer may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform 3.11, the vulnerable version of python-pygments is embedded in the google-cloud-sdk package, which is shipped in the openshift-ansible container (aos3-installation-container). As the access to the openshift-ansible container is restricted only to cluster administrators, this component is affected but with a Low impact. The google-cloud-sdk package was shipped in OpenShift Container Platform 4.1, which is End of Life.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20270"
},
{
"category": "external",
"summary": "RHBZ#1922136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922136"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20270",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20270"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20270"
}
],
"release_date": "2020-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-pygments: Infinite loop in SML lexer may lead to DoS"
},
{
"cve": "CVE-2021-23336",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1928904"
}
],
"notes": [
{
"category": "description",
"text": "The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The python2.7 component in Red Hat Enterprise Linux 9 is listed as not affected as it was removed prior to the release of RHEL-9.0.\n\nThe python3.9 component in Red Hat Enterprise Linux 9 is listed as not affected as a patched version was verified in RHEL-9.0 beta and the RHEL-9.0 GA release included this patched version.\n\nThe python36 component in the python36:3.6 module in Red Hat Enterprise Linux 8 is listed as not affected, as it does not contain Python interpreter or libraries. Packages of the python36 component only provide convenient links to the Python interpreter included in the non-modular python3 component\u0027s platform-python packages. Users of python36:3.6 module also need to check the entry for the python3 component to determine if their systems are affected.\n\nRed Hat Ceph Storage (RHCS) 3 ships an older version of python-django without the directly affected function, but which is still vulnerable to a similar attack involving the semi colon separator. Hence, impact has been rated as Low.\n\nAlthough Red Hat OpenStack Platform 13 \u0026 16.1 both ship the affected code, since the proxy is controlled and configured by OpenStack, the impact has been lowered to Low. As a fix would require a substantial effort or commitment of time, no fix will be provided at this time.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform uses secure, encrypted HTTPS connections over TLS 1.2 to reduce the risk of smuggling attacks by preventing the injection of ambiguous or malformed requests between components. The environment employs IPS/IDS and antimalware solutions to detect and block malicious code while ensuring consistent interpretation of HTTP requests across network layers, mitigating request/response inconsistencies. Event logs are collected and analyzed for centralization, correlation, monitoring, alerting, and retention, enabling the detection of malformed or suspicious HTTP traffic. Static code analysis and peer reviews enforce strong input validation and error handling to ensure all user inputs adhere to HTTP protocol specifications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23336"
},
{
"category": "external",
"summary": "RHBZ#1928904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933",
"url": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933"
}
],
"release_date": "2021-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters"
},
{
"cve": "CVE-2021-27291",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-03-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940603"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denying access to the service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pygments: ReDoS in multiple lexers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-27291"
},
{
"category": "external",
"summary": "RHBZ#1940603",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940603"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-27291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27291"
}
],
"release_date": "2021-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-pygments: ReDoS in multiple lexers"
},
{
"cve": "CVE-2021-42771",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-04-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "It is rather uncommon for applications to use Babel.Locale() with an untrusted attacker-controlled language argument. A static language abbreviation string (e.g. \"en\") is most commonly used instead. For this reason, this flaw has been rated as having a security impact of Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-42771"
},
{
"category": "external",
"summary": "RHBZ#1955615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-42771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42771"
},
{
"category": "external",
"summary": "https://www.tenable.com/security/research/tra-2021-14",
"url": "https://www.tenable.com/security/research/tra-2021-14"
}
],
"release_date": "2021-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-24T13:06:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3252"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7-7.7.Z:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7-7.7.Z:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Server-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Server-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Server-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Server-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-babel-0:0.9.6-10.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.src",
"7Workstation-RHSCL-3.7:python27-python-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-babel-0:0.9.6-10.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debug-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-debuginfo-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-devel-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-jinja2-0:2.6-16.el7.src",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-libs-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.noarch",
"7Workstation-RHSCL-3.7:python27-python-pygments-0:1.5-5.el7.src",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-test-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-python-tools-0:2.7.18-3.el7.x86_64",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.ppc64le",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.s390x",
"7Workstation-RHSCL-3.7:python27-tkinter-0:2.7.18-3.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…