PSF-2017-6

See a problem?
Import Source
https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2017-6.json
JSON Data
https://api.osv.dev/v1/vulns/PSF-2017-6
Aliases
Published
2017-11-17T00:00:00Z
Modified
2023-11-01T05:44:02.045924Z
Summary
PyString_DecodeEscape integer overflow
Details

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type
GIT
Repo
https://github.com/python/cpython
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Fixed