RHSA-2020:4641MediumCVSS 9.8

Red Hat Security Advisory: python38:3.8 security, bug fix, and enhancement update

Published
November 4, 2020
Last Modified
June 26, 2026

🔗 CVE IDs covered (5)

📋 Description

CVE-2019-20477 — PyYAML: command execution through python/object/apply constructor in FullLoader CVE-2019-20907 — python: infinite loop in the tarfile module via crafted TAR archive CVE-2020-1747 — PyYAML: arbitrary command execution through python/object/new when FullLoader is used CVE-2020-8492 — python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS CVE-2020-14422 — python: DoS via inefficiency in IPv{4,6}Interface classes

🔗 References (11)