{"id":"CVE-2020-8315","details":"In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected.","aliases":["BIT-libpython-2020-8315","BIT-python-2020-8315","BIT-python-min-2020-8315","PSF-2020-7"],"modified":"2026-03-14T10:34:44.856196Z","published":"2020-01-28T19:15:17.500Z","references":[{"type":"FIX","url":"https://bugs.python.org/issue39401"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/python/cpython","events":[{"introduced":"5c4568a05a0a62b5947c55f68f9f2ecfb90a4f12"},{"last_affected":"02dff8b01100e7cd6d4c93be27202ccb4ea05811"},{"introduced":"1bf9cc509326bc42cd8cb1650eb9bf64550d817e"},{"last_affected":"43364a7ae01fbe4288ef42622259a0038ce1edcc"},{"introduced":"fa919fdf2583bdfead1df00e842f24f30b2a34bf"},{"last_affected":"1b293b60067f6f4a95984d064ce0f6b6d34c1216"}],"database_specific":{"versions":[{"introduced":"3.6.0"},{"last_affected":"3.6.10"},{"introduced":"3.7.0"},{"last_affected":"3.7.6"},{"introduced":"3.8.0"},{"last_affected":"3.8.1"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8315.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}