Insecure DLL loading in Python - CVE-2017-20052

 

Published: November 5, 2022 / Updated: June 3, 2025


Vulnerability identifier: #VU110144
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2017-20052
CWE-ID: CWE-427
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Python
Software vendor: Python.org

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to an uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.


Remediation

Install the update from the vendor's website.
