{"api_version":"1","generated_at":"2026-04-22T20:52:25+00:00","cve":"CVE-2015-20107","urls":{"html":"https://cve.report/CVE-2015-20107","api":"https://cve.report/api/cve/CVE-2015-20107.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2015-20107","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2015-20107"},"summary":{"title":"CVE-2015-20107","description":"In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-04-13 16:15:00","updated_at":"2023-11-07 02:25:00"},"problem_types":["CWE-77"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPCLGZZJPVXFWUWVV5WCD5FNUAFLKBDN/","name":"FEDORA-2022-17a1bb7e78","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy3.9-7.3.9-2.3.9.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAY6VBNVEFUXKJF37WFHYXUSRDEK34N3/","name":"FEDORA-2022-5ea8aa7518","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python3-docs-3.10.5-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugs.python.org/issue24778","name":"https://bugs.python.org/issue24778","refsource":"MISC","tags":[],"title":"Issue 24778: mailcap.findmatch: document shell command Injection danger in filename parameter - Python tracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERYMM2QVDPOJLX4LYXWYIQN5FOIJLDRY/","name":"FEDORA-2022-cece1d07d9","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.6-3.6.15-3.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/python/cpython/issues/68966","name":"https://github.com/python/cpython/issues/68966","refsource":"MISC","tags":[],"title":"mailcap.findmatch: document shell command Injection danger in filename parameter · Issue #68966 · python/cpython · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/","name":"FEDORA-2022-d1682fef04","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: mingw-python3-3.10.8-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F3LNY2NHM6J22O6Q5ANOE3SZRK3OACKR/","name":"FEDORA-2022-ec74ac4079","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python2.7-2.7.18-22.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/53TQZFLS6O3FLIMVSXFEEPZSWLDZLBOX/","name":"FEDORA-2022-b499f2a9c6","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.8-7.3.9-2.3.8.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTTZGLD2YBMMG6U6F5HOTPOGGPBIURMA/","name":"FEDORA-2022-ce55d01569","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy-7.3.9-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46KWPTI72SSEOF53DOYQBQOCN4QQB2GE/","name":"FEDORA-2022-4b0dfda810","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.6-3.6.15-9.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTTZGLD2YBMMG6U6F5HOTPOGGPBIURMA/","name":"FEDORA-2022-ce55d01569","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy-7.3.9-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DBVY4YC2P6EPZZ2DROOXHDOWZ4BJFLW/","name":"FEDORA-2022-dbe9a8f9ac","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.9-7.3.9-2.3.9.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html","name":"[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3477-1] python3.7 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIKVSW3H6W2GQGDE5DTIWLGFNH6KKEW/","name":"FEDORA-2022-20e87fb0d1","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.7-7.3.9-2.3.7.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3LNY2NHM6J22O6Q5ANOE3SZRK3OACKR/","name":"FEDORA-2022-ec74ac4079","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python2.7-2.7.18-22.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UIOJUZ5JMEMGSKNISTOVI4PDP36FDL5Y/","name":"FEDORA-2022-4a69d20cf4","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python2.7-2.7.18-22.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYG3EMFR7ZHC46TDNM7SNWO64A3W7EUF/","name":"FEDORA-2022-0be85556b4","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.9-3.9.13-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","name":"[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3432-1] python2.7 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO2H6CKWLRGTTZCGUQVELW6LUH437Q3O/","name":"FEDORA-2022-4c788bdc40","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.7-3.7.13-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/","name":"FEDORA-2022-d1682fef04","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: mingw-python3-3.10.8-1.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5664BGZVTA46LQDNTYX5THG6CN4FYJX/","name":"FEDORA-2022-9da5703d22","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.10-3.10.5-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4E2WBEJ42CGLGDHD6ZXOLZ2W6G3YOVD/","name":"FEDORA-2022-a8e50dc83e","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.8-3.8.13-3.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HAI2GBC7WKH7J5NH6J2IW5RT3VF2SF5M/","name":"FEDORA-2022-9dd70781cb","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy-7.3.9-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KAY6VBNVEFUXKJF37WFHYXUSRDEK34N3/","name":"FEDORA-2022-5ea8aa7518","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python3-docs-3.10.5-1.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKGMYDVKI3XNM27B6I6RQ6QV3TVJAUCG/","name":"FEDORA-2022-9cd41b6709","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy3.8-7.3.9-2.3.8.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5664BGZVTA46LQDNTYX5THG6CN4FYJX/","name":"FEDORA-2022-9da5703d22","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.10-3.10.5-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4E2WBEJ42CGLGDHD6ZXOLZ2W6G3YOVD/","name":"FEDORA-2022-a8e50dc83e","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.8-3.8.13-3.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIOJUZ5JMEMGSKNISTOVI4PDP36FDL5Y/","name":"FEDORA-2022-4a69d20cf4","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python2.7-2.7.18-22.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FIRUTX47BJD2HYJDLMI7JJBVCYFAPKAQ/","name":"FEDORA-2022-2e1d1205cf","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.8-3.8.13-3.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XO2H6CKWLRGTTZCGUQVELW6LUH437Q3O/","name":"FEDORA-2022-4c788bdc40","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.7-3.7.13-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202305-02","name":"GLSA-202305-02","refsource":"GENTOO","tags":[],"title":"Python, PyPy3: Multiple Vulnerabilities (GLSA 202305-02) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DBVY4YC2P6EPZZ2DROOXHDOWZ4BJFLW/","name":"FEDORA-2022-dbe9a8f9ac","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.9-7.3.9-2.3.9.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html","name":"https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html","refsource":"CONFIRM","tags":[],"title":"mailcap shell command injection — Python Security 0.0 documentation","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57NECACX333A3BBZM2TR2VZ4ZE3UG3SN/","name":"FEDORA-2022-d157a91e10","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy3.7-7.3.9-2.3.7.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AKGMYDVKI3XNM27B6I6RQ6QV3TVJAUCG/","name":"FEDORA-2022-9cd41b6709","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy3.8-7.3.9-2.3.8.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/","name":"FEDORA-2022-79843dfb3c","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: mingw-python3-3.10.8-1.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46KWPTI72SSEOF53DOYQBQOCN4QQB2GE/","name":"FEDORA-2022-4b0dfda810","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.6-3.6.15-9.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HAI2GBC7WKH7J5NH6J2IW5RT3VF2SF5M/","name":"FEDORA-2022-9dd70781cb","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy-7.3.9-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20220616-0001/","name":"https://security.netapp.com/advisory/ntap-20220616-0001/","refsource":"CONFIRM","tags":[],"title":"CVE-2015-20107 Python Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYG3EMFR7ZHC46TDNM7SNWO64A3W7EUF/","name":"FEDORA-2022-0be85556b4","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.9-3.9.13-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ONXSGLASNLGFL57YU6WT6Y5YURSFV43U/","name":"FEDORA-2022-1358cedf2d","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.7-3.7.13-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FIRUTX47BJD2HYJDLMI7JJBVCYFAPKAQ/","name":"FEDORA-2022-2e1d1205cf","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.8-3.8.13-3.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCIO2W4DUVVMI6L52QCC4TT2B3K5VWHS/","name":"FEDORA-2022-5ad25e3d3c","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.9-3.9.13-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPCLGZZJPVXFWUWVV5WCD5FNUAFLKBDN/","name":"FEDORA-2022-17a1bb7e78","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy3.9-7.3.9-2.3.9.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/","name":"FEDORA-2022-79843dfb3c","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: mingw-python3-3.10.8-1.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCIO2W4DUVVMI6L52QCC4TT2B3K5VWHS/","name":"FEDORA-2022-5ad25e3d3c","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.9-3.9.13-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERYMM2QVDPOJLX4LYXWYIQN5FOIJLDRY/","name":"FEDORA-2022-cece1d07d9","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.6-3.6.15-3.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/57NECACX333A3BBZM2TR2VZ4ZE3UG3SN/","name":"FEDORA-2022-d157a91e10","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: pypy3.7-7.3.9-2.3.7.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/53TQZFLS6O3FLIMVSXFEEPZSWLDZLBOX/","name":"FEDORA-2022-b499f2a9c6","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.8-7.3.9-2.3.8.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONXSGLASNLGFL57YU6WT6Y5YURSFV43U/","name":"FEDORA-2022-1358cedf2d","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.7-3.7.13-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIKVSW3H6W2GQGDE5DTIWLGFNH6KKEW/","name":"FEDORA-2022-20e87fb0d1","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.7-7.3.9-2.3.7.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2015-20107","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-20107","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"windows","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"ontap_select_deploy_administration_utility","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"snapcenter","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"3.10.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"3.7.15","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"3.8.15","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"20107","vulnerable":"1","versionEndIncluding":"3.9.15","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2015-20107","qid":"160086","title":"Oracle Enterprise Linux Security Update for python3 (ELSA-2022-6457)"},{"cve":"CVE-2015-20107","qid":"160209","title":"Oracle Enterprise Linux Security Update for python38:3.8 and python38-devel:3.8 (ELSA-2022-7581)"},{"cve":"CVE-2015-20107","qid":"160227","title":"Oracle Enterprise Linux Security Update for python39:3.9 and python39-devel:3.9 (ELSA-2022-7592)"},{"cve":"CVE-2015-20107","qid":"160249","title":"Oracle Enterprise Linux Security Update for python27:2.7 (ELSA-2022-7593)"},{"cve":"CVE-2015-20107","qid":"160271","title":"Oracle Enterprise Linux Security Update for python3.9 (ELSA-2022-8353)"},{"cve":"CVE-2015-20107","qid":"181802","title":"Debian Security Update for python2.7 (DLA 3432-1)"},{"cve":"CVE-2015-20107","qid":"198862","title":"Ubuntu Security Notification for Python Vulnerability (USN-5519-1)"},{"cve":"CVE-2015-20107","qid":"199497","title":"Ubuntu Security Notification for Python Vulnerabilities (USN-5888-1)"},{"cve":"CVE-2015-20107","qid":"240663","title":"Red Hat Update for python3 (RHSA-2022:6457)"},{"cve":"CVE-2015-20107","qid":"240700","title":"Red Hat Update for rh-python38-python (RHSA-2022:6766)"},{"cve":"CVE-2015-20107","qid":"240812","title":"Red Hat Update for python38:3.8 and python38-devel:3.8 (RHSA-2022:7581)"},{"cve":"CVE-2015-20107","qid":"240818","title":"Red Hat Update for python39:3.9 and python39-devel:3.9 (RHSA-2022:7592)"},{"cve":"CVE-2015-20107","qid":"240860","title":"Red Hat Update for python27:2.7 (RHSA-2022:7593)"},{"cve":"CVE-2015-20107","qid":"240914","title":"Red Hat Update for python3.9 security (RHSA-2022:8353)"},{"cve":"CVE-2015-20107","qid":"282839","title":"Fedora Security Update for python3.6 (FEDORA-2022-cece1d07d9)"},{"cve":"CVE-2015-20107","qid":"282840","title":"Fedora Security Update for python3.6 (FEDORA-2022-4b0dfda810)"},{"cve":"CVE-2015-20107","qid":"282841","title":"Fedora Security Update for python3.7 (FEDORA-2022-1358cedf2d)"},{"cve":"CVE-2015-20107","qid":"282842","title":"Fedora Security Update for python3.7 (FEDORA-2022-4c788bdc40)"},{"cve":"CVE-2015-20107","qid":"282843","title":"Fedora Security Update for python3.8 (FEDORA-2022-2e1d1205cf)"},{"cve":"CVE-2015-20107","qid":"282844","title":"Fedora Security Update for python3.8 (FEDORA-2022-a8e50dc83e)"},{"cve":"CVE-2015-20107","qid":"282849","title":"Fedora Security Update for python3.9 (FEDORA-2022-0be85556b4)"},{"cve":"CVE-2015-20107","qid":"282850","title":"Fedora Security Update for python3.9 (FEDORA-2022-5ad25e3d3c)"},{"cve":"CVE-2015-20107","qid":"282851","title":"Fedora Security Update for python2.7 (FEDORA-2022-4a69d20cf4)"},{"cve":"CVE-2015-20107","qid":"282853","title":"Fedora Security Update for python3 (FEDORA-2022-9da5703d22)"},{"cve":"CVE-2015-20107","qid":"282855","title":"Fedora Security Update for python3 (FEDORA-2022-5ea8aa7518)"},{"cve":"CVE-2015-20107","qid":"282871","title":"Fedora Security Update for python2.7 (FEDORA-2022-ec74ac4079)"},{"cve":"CVE-2015-20107","qid":"282911","title":"Fedora Security Update for pypy (FEDORA-2022-ce55d01569)"},{"cve":"CVE-2015-20107","qid":"282912","title":"Fedora Security Update for pypy (FEDORA-2022-9dd70781cb)"},{"cve":"CVE-2015-20107","qid":"282913","title":"Fedora Security Update for pypy3.7 (FEDORA-2022-20e87fb0d1)"},{"cve":"CVE-2015-20107","qid":"282914","title":"Fedora Security Update for pypy3.7 (FEDORA-2022-d157a91e10)"},{"cve":"CVE-2015-20107","qid":"282915","title":"Fedora Security Update for pypy3.8 (FEDORA-2022-b499f2a9c6)"},{"cve":"CVE-2015-20107","qid":"282916","title":"Fedora Security Update for pypy3.8 (FEDORA-2022-9cd41b6709)"},{"cve":"CVE-2015-20107","qid":"282917","title":"Fedora Security Update for pypy3.9 (FEDORA-2022-17a1bb7e78)"},{"cve":"CVE-2015-20107","qid":"282918","title":"Fedora Security Update for pypy3.9 (FEDORA-2022-dbe9a8f9ac)"},{"cve":"CVE-2015-20107","qid":"283294","title":"Fedora Security Update for mingw (FEDORA-2022-d1682fef04)"},{"cve":"CVE-2015-20107","qid":"283444","title":"Fedora Security Update for mingw (FEDORA-2022-79843dfb3c)"},{"cve":"CVE-2015-20107","qid":"285297","title":"Fedora Security Update for pypy3.10 (FEDORA-2023-ddde191e04)"},{"cve":"CVE-2015-20107","qid":"296098","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 52.132.2 Missing (CPUOCT2022)"},{"cve":"CVE-2015-20107","qid":"377718","title":"Alibaba Cloud Linux Security Update for python3 (ALINUX3-SA-2022:0170)"},{"cve":"CVE-2015-20107","qid":"378004","title":"Splunk Enterprise Multiple Vulnerabilities (SVD-2023-0215,SVD-2023-0211,SVD-2023-0208)"},{"cve":"CVE-2015-20107","qid":"502787","title":"Alpine Linux Security Update for python3"},{"cve":"CVE-2015-20107","qid":"6000019","title":"Debian Security Update for python3.7 (DLA 3477-1)"},{"cve":"CVE-2015-20107","qid":"671909","title":"EulerOS Security Update for python3 (EulerOS-SA-2022-2008)"},{"cve":"CVE-2015-20107","qid":"671944","title":"EulerOS Security Update for python3 (EulerOS-SA-2022-1978)"},{"cve":"CVE-2015-20107","qid":"671988","title":"EulerOS Security Update for python3 (EulerOS-SA-2022-2144)"},{"cve":"CVE-2015-20107","qid":"672002","title":"EulerOS Security Update for python3 (EulerOS-SA-2022-2169)"},{"cve":"CVE-2015-20107","qid":"672252","title":"EulerOS Security Update for python (EulerOS-SA-2022-2632)"},{"cve":"CVE-2015-20107","qid":"672399","title":"EulerOS Security Update for python3 (EulerOS-SA-2022-2805)"},{"cve":"CVE-2015-20107","qid":"672408","title":"EulerOS Security Update for python2 (EulerOS-SA-2022-2804)"},{"cve":"CVE-2015-20107","qid":"672843","title":"EulerOS Security Update for python3 (EulerOS-SA-2023-1587)"},{"cve":"CVE-2015-20107","qid":"672853","title":"EulerOS Security Update for python3 (EulerOS-SA-2023-1577)"},{"cve":"CVE-2015-20107","qid":"710714","title":"Gentoo Linux Python, PyPy3 Multiple Vulnerabilities (GLSA 202305-02)"},{"cve":"CVE-2015-20107","qid":"752256","title":"SUSE Enterprise Linux Security Update for python36 (SUSE-SU-2022:2147-1)"},{"cve":"CVE-2015-20107","qid":"752259","title":"SUSE Enterprise Linux Security Update for python3 (SUSE-SU-2022:2166-1)"},{"cve":"CVE-2015-20107","qid":"752275","title":"SUSE Enterprise Linux Security Update for python39 (SUSE-SU-2022:2174-1)"},{"cve":"CVE-2015-20107","qid":"752281","title":"SUSE Enterprise Linux Security Update for python (SUSE-SU-2022:2248-1)"},{"cve":"CVE-2015-20107","qid":"752282","title":"SUSE Enterprise Linux Security Update for python (SUSE-SU-2022:2249-1)"},{"cve":"CVE-2015-20107","qid":"752327","title":"SUSE Enterprise Linux Security Update for python (SUSE-SU-2022:2344-1)"},{"cve":"CVE-2015-20107","qid":"752335","title":"SUSE Enterprise Linux Security Update for python3 (SUSE-SU-2022:2351-1)"},{"cve":"CVE-2015-20107","qid":"752336","title":"SUSE Enterprise Linux Security Update for python3 (SUSE-SU-2022:2357-1)"},{"cve":"CVE-2015-20107","qid":"753766","title":"SUSE Enterprise Linux Security Update for python39 (SUSE-SU-2023:0707-1)"},{"cve":"CVE-2015-20107","qid":"900829","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python2 (9441)"},{"cve":"CVE-2015-20107","qid":"900845","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (9442)"},{"cve":"CVE-2015-20107","qid":"901670","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (9417)"},{"cve":"CVE-2015-20107","qid":"903956","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (9417-1)"},{"cve":"CVE-2015-20107","qid":"904186","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (9442-1)"},{"cve":"CVE-2015-20107","qid":"904206","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python2 (9441-1)"},{"cve":"CVE-2015-20107","qid":"940653","title":"AlmaLinux Security Update for python3 (ALSA-2022:6457)"},{"cve":"CVE-2015-20107","qid":"940760","title":"AlmaLinux Security Update for python27:2.7 (ALSA-2022:7593)"},{"cve":"CVE-2015-20107","qid":"940776","title":"AlmaLinux Security Update for python39:3.9 and python39-devel:3.9 (ALSA-2022:7592)"},{"cve":"CVE-2015-20107","qid":"940777","title":"AlmaLinux Security Update for python38:3.8 and python38-devel:3.8 (ALSA-2022:7581)"},{"cve":"CVE-2015-20107","qid":"940790","title":"AlmaLinux Security Update for python3.9 (ALSA-2022:8353)"},{"cve":"CVE-2015-20107","qid":"960473","title":"Rocky Linux Security Update for python27:2.7 (RLSA-2022:7593)"},{"cve":"CVE-2015-20107","qid":"960542","title":"Rocky Linux Security Update for python3.9 (RLSA-2022:8353)"},{"cve":"CVE-2015-20107","qid":"960594","title":"Rocky Linux Security Update for python39:3.9 and python39-devel:3.9 (RLSA-2022:7592)"},{"cve":"CVE-2015-20107","qid":"960618","title":"Rocky Linux Security Update for python38:3.8 and python38-devel:3.8 (RLSA-2022:7581)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2015-20107","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://bugs.python.org/issue24778","refsource":"MISC","name":"https://bugs.python.org/issue24778"},{"url":"https://github.com/python/cpython/issues/68966","refsource":"MISC","name":"https://github.com/python/cpython/issues/68966"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20220616-0001/","url":"https://security.netapp.com/advisory/ntap-20220616-0001/"},{"refsource":"FEDORA","name":"FEDORA-2022-5ad25e3d3c","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCIO2W4DUVVMI6L52QCC4TT2B3K5VWHS/"},{"refsource":"FEDORA","name":"FEDORA-2022-cece1d07d9","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERYMM2QVDPOJLX4LYXWYIQN5FOIJLDRY/"},{"refsource":"FEDORA","name":"FEDORA-2022-2e1d1205cf","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FIRUTX47BJD2HYJDLMI7JJBVCYFAPKAQ/"},{"refsource":"FEDORA","name":"FEDORA-2022-4b0dfda810","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46KWPTI72SSEOF53DOYQBQOCN4QQB2GE/"},{"refsource":"FEDORA","name":"FEDORA-2022-1358cedf2d","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONXSGLASNLGFL57YU6WT6Y5YURSFV43U/"},{"refsource":"FEDORA","name":"FEDORA-2022-0be85556b4","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYG3EMFR7ZHC46TDNM7SNWO64A3W7EUF/"},{"refsource":"FEDORA","name":"FEDORA-2022-a8e50dc83e","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4E2WBEJ42CGLGDHD6ZXOLZ2W6G3YOVD/"},{"refsource":"FEDORA","name":"FEDORA-2022-4c788bdc40","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XO2H6CKWLRGTTZCGUQVELW6LUH437Q3O/"},{"refsource":"FEDORA","name":"FEDORA-2022-9da5703d22","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5664BGZVTA46LQDNTYX5THG6CN4FYJX/"},{"refsource":"FEDORA","name":"FEDORA-2022-4a69d20cf4","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UIOJUZ5JMEMGSKNISTOVI4PDP36FDL5Y/"},{"refsource":"FEDORA","name":"FEDORA-2022-5ea8aa7518","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAY6VBNVEFUXKJF37WFHYXUSRDEK34N3/"},{"refsource":"FEDORA","name":"FEDORA-2022-ec74ac4079","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F3LNY2NHM6J22O6Q5ANOE3SZRK3OACKR/"},{"refsource":"FEDORA","name":"FEDORA-2022-17a1bb7e78","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPCLGZZJPVXFWUWVV5WCD5FNUAFLKBDN/"},{"refsource":"FEDORA","name":"FEDORA-2022-dbe9a8f9ac","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DBVY4YC2P6EPZZ2DROOXHDOWZ4BJFLW/"},{"refsource":"FEDORA","name":"FEDORA-2022-9dd70781cb","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HAI2GBC7WKH7J5NH6J2IW5RT3VF2SF5M/"},{"refsource":"FEDORA","name":"FEDORA-2022-20e87fb0d1","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIKVSW3H6W2GQGDE5DTIWLGFNH6KKEW/"},{"refsource":"FEDORA","name":"FEDORA-2022-9cd41b6709","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKGMYDVKI3XNM27B6I6RQ6QV3TVJAUCG/"},{"refsource":"FEDORA","name":"FEDORA-2022-d157a91e10","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/57NECACX333A3BBZM2TR2VZ4ZE3UG3SN/"},{"refsource":"FEDORA","name":"FEDORA-2022-ce55d01569","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTTZGLD2YBMMG6U6F5HOTPOGGPBIURMA/"},{"refsource":"FEDORA","name":"FEDORA-2022-b499f2a9c6","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/53TQZFLS6O3FLIMVSXFEEPZSWLDZLBOX/"},{"refsource":"FEDORA","name":"FEDORA-2022-d1682fef04","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/"},{"refsource":"FEDORA","name":"FEDORA-2022-79843dfb3c","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/"},{"refsource":"CONFIRM","name":"https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html","url":"https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html"},{"refsource":"GENTOO","name":"GLSA-202305-02","url":"https://security.gentoo.org/glsa/202305-02"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update","url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html"}]}},"nvd":{"publishedDate":"2022-04-13 16:15:00","lastModifiedDate":"2023-11-07 02:25:00","problem_types":["CWE-77"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW","baseScore":7.6,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.7},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:C/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"COMPLETE","availabilityImpact":"PARTIAL","baseScore":8},"severity":"HIGH","exploitabilityScore":8,"impactScore":8.5,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8.0","versionEndIncluding":"3.8.15","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.9.0","versionEndIncluding":"3.9.15","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.10.0","versionEndExcluding":"3.10.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.0","versionEndIncluding":"3.7.15","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}