{"id":"USN-7212-1","summary":"python2.7 vulnerabilities","details":"It was discovered that Python incorrectly handled certain ZIP files. An\nattacker could possibly use this issue to cause a denial of service. This\nissue only affected Ubuntu 22.04 LTS. (CVE-2019-9674)\n\nIt was discovered that Python incorrectly handled certain inputs. If a\nuser or an automated system were tricked into running a specially\ncrafted input, a remote attacker could possibly use this issue to cause a\ndenial of service. (CVE-2022-45061)\n\nIt was discovered that Python incorrectly handled certain crafted ZIP\nfiles. An attacker could possibly use this issue to crash the program,\nresulting in a denial of service. (CVE-2024-0450)\n","modified":"2026-02-10T04:46:29Z","published":"2025-01-16T13:53:32Z","related":["UBUNTU-CVE-2019-9674","UBUNTU-CVE-2022-45061","UBUNTU-CVE-2024-0450"],"upstream":["CVE-2019-9674","CVE-2022-45061","CVE-2024-0450","UBUNTU-CVE-2019-9674","UBUNTU-CVE-2022-45061","UBUNTU-CVE-2024-0450"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7212-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-9674"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-45061"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-0450"}],"affected":[{"package":{"name":"python2.7","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/python2.7@2.7.18-1~20.04.7+esm4?arch=source&distro=esm-apps/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.18-1~20.04.7+esm4"}]}],"versions":["2.7.17~rc1-1","2.7.17-1","2.7.17-1ubuntu5","2.7.17-1ubuntu6","2.7.18~rc1-2","2.7.18-1~20.04","2.7.18-1~20.04.1","2.7.18-1~20.04.1+esm1","2.7.18-1~20.04.3","2.7.18-1~20.04.3+esm1","2.7.18-1~20.04.4","2.7.18-1~20.04.4+esm1","2.7.18-1~20.04.4+esm2","2.7.18-1~20.04.4+esm3","2.7.18-1~20.04.5","2.7.18-1~20.04.5+esm1","2.7.18-1~20.04.5+esm2","2.7.18-1~20.04.6","2.7.18-1~20.04.6+esm1","2.7.18-1~20.04.7","2.7.18-1~20.04.7+esm3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"idle-python2.7","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"libpython2.7","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"libpython2.7-dev","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"libpython2.7-minimal","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"libpython2.7-stdlib","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"libpython2.7-testsuite","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"python2.7","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"python2.7-dev","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"python2.7-examples","binary_version":"2.7.18-1~20.04.7+esm4"},{"binary_name":"python2.7-minimal","binary_version":"2.7.18-1~20.04.7+esm4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7212-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2022-45061"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-0450"}],"ecosystem":"Ubuntu:Pro:20.04:LTS"}}},{"package":{"name":"python2.7","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/python2.7@2.7.18-13ubuntu1.5+esm3?arch=source&distro=esm-apps/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.18-13ubuntu1.5+esm3"}]}],"versions":["2.7.18-8build1","2.7.18-13","2.7.18-13ubuntu1","2.7.18-13ubuntu1.1","2.7.18-13ubuntu1.1+esm2","2.7.18-13ubuntu1.2","2.7.18-13ubuntu1.2+esm1","2.7.18-13ubuntu1.2+esm2","2.7.18-13ubuntu1.2+esm3","2.7.18-13ubuntu1.3","2.7.18-13ubuntu1.3+esm1","2.7.18-13ubuntu1.4","2.7.18-13ubuntu1.4+esm1","2.7.18-13ubuntu1.5","2.7.18-13ubuntu1.5+esm2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"idle-python2.7","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"libpython2.7","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"libpython2.7-dev","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"libpython2.7-minimal","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"libpython2.7-stdlib","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"libpython2.7-testsuite","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"python2.7","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"python2.7-dev","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"python2.7-examples","binary_version":"2.7.18-13ubuntu1.5+esm3"},{"binary_name":"python2.7-minimal","binary_version":"2.7.18-13ubuntu1.5+esm3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7212-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"negligible"}],"id":"CVE-2019-9674"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2022-45061"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2024-0450"}],"ecosystem":"Ubuntu:Pro:22.04:LTS"}}}],"schema_version":"1.7.3"}