CVE-2020-8315

In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected.
References
Link Resource
https://bugs.python.org/issue39401 Issue Tracking Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-01-28 19:15

Updated : 2024-02-04 20:39


NVD link : CVE-2020-8315

Mitre link : CVE-2020-8315

CVE.ORG link : CVE-2020-8315


JSON object : View

Products Affected

python

  • python
CWE
CWE-427

Uncontrolled Search Path Element