{"id":"BIT-python-min-2020-15523","details":"In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.","aliases":["BIT-libpython-2020-15523","BIT-python-2020-15523","CVE-2020-15523","PSF-2020-4"],"modified":"2025-08-11T15:27:10.353556Z","published":"2025-01-16T07:24:13.896Z","database_specific":{"cpes":["cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","cpe:2.3:a:python:python:3.8.4:rc1:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:alpha1:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:alpha2:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:alpha3:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:alpha4:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:alpha5:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:alpha6:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:beta1:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:beta2:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:beta3:*:*:*:*:*:*","cpe:2.3:a:python:python:3.9.0:beta4:*:*:*:*:*:*"],"severity":"High"},"references":[{"type":"WEB","url":"https://bugs.python.org/issue29778"},{"type":"WEB","url":"https://github.com/python/cpython/pull/21297"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20210312-0004/"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15523"}],"affected":[{"package":{"name":"python-min","ecosystem":"Bitnami","purl":"pkg:bitnami/python-min"},"ranges":[{"type":"SEMVER","events":[{"introduced":"3.5.0"},{"fixed":"3.5.10"},{"introduced":"3.6.0"},{"fixed":"3.6.12"},{"introduced":"3.7.0"},{"fixed":"3.7.9"},{"introduced":"3.8.0"},{"fixed":"3.8.4"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/python-min/BIT-python-min-2020-15523.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}],"schema_version":"1.7.3"}