Integer Overflow Vulnerability in PyString_DecodeEscape Function in CPython
CVE-2017-1000158 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)
Learn more about our Web Application Penetration Testing UK.