Python 3.8.0 Beta 1
Approved changes feed: RSS · Atom
cpe:2.3:a:python:python:3.8.0:beta1:*:*:*:*:*:*
part: a version: 3.8.0 update: beta1
| Vendor | Python (b57ad93a-6195-5192-9423-6cfad6044a8b) |
|---|---|
| Product | Python (fc328eef-0a85-5ddb-b629-b8866ec518c8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/python |
purl2cpe | 2026-06-01 10:16:29.496921 |
pkg:github/python/cpython |
purl2cpe | 2026-06-01 10:16:29.496923 |
pkg:python/python |
purl2cpe | 2026-06-01 10:16:29.496924 |
pkg:rpm/opensuse/python |
purl2cpe | 2026-06-01 10:16:29.496926 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-10160 |
vulnerable | 2026-06-03 14:39:21.549231 |
Details available
CRITICAL (9.8)
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.
Published: 2019-06-07T17:50:33.000Z
Updated: 2024-08-04T22:10:10.028Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.