VIR Vulnerability Intelligence Relay

CVE-2019-11236

medium
Published 2022-05-13 · Modified 2020-04-28
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS v2
VIR risk
5.5

Description

Moderate: python27:2.7 security, bug fix, and enhancement update

Predictions

Exploit likelihood
30%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2020-1605.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2019-3335.html

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2019-11236

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2019:3335

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2020:1605

OS impact
OSVersionStatusFixed in
rockylinux rocky8fixed
debian debianbookwormfixed1.25.6-4
debian debianbullseyefixed1.25.6-4
debian debianforkyfixed1.25.6-4
debian debiansidfixed1.25.6-4
debian debiantrixiefixed1.25.6-4

Package impact
EcosystemPackageVulnerableFixed
python PyPIurllib3<1.24.31.24.3

References

Verify integrity in audit chain (admin only). AS-IS.