USN-4428-1

Advisory lineage Upstream: 8 Downstream: 0
Published: 22 Jul 2020, 12:59
Last modified:27 Apr 2026, 15:48

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

22 Jul 2020, 12:59
Published
Vulnerability first disclosed
27 Apr 2026, 15:48
Last Modified
Vulnerability information updated

Description

python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-20907) It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9674) It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14422)

Affected Systems

  • ubuntupython2.7

    < 2.7.6-8ubuntu0.6+esm6 | < 2.7.12-1ubuntu0~16.04.12 | < 2.7.17-1~18.04ubuntu1.1

  • ubuntupython3.4

    < 3.4.3-1ubuntu1~14.04.7+esm7

  • ubuntupython3.5

    < 3.5.2-2ubuntu0~16.04.11

  • ubuntupython3.6

    < 3.6.9-1~18.04ubuntu1.1

  • ubuntupython3.8

    < 3.8.2-1ubuntu1.2

References (5)