ALPINE-CVE-2020-8315

ALPINE-CVE-2020-8315 PUBLISHED CVSS 5.5 MEDIUM

In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products

Vendor	Product	Versions
Alpine:v3.15	python3	3.6.7-r0, 3.6.8-r0, 3.6.8-r1
Alpine:v3.17	python3	3.6.3-r9, 3.6.4-r0, 3.6.4-r1
Alpine:v3.16	python3	3.5.2-r7, 3.5.2-r8, 3.6.1-r1
Alpine:v3.13	python3	3.3.0-r0, 3.6.6-r2, 3.6.7-r0
Alpine:v3.19	python3	3.1.3-r0, 3.8.1-r3, 3.8.1-r2
Alpine:v3.22	python3	3.5.2-r6, 3.5.2-r5, 3.5.2-r4
Alpine:v3.23	python3	3.6.6-r1, 3.6.6-r1, 3.6.6-r2
Alpine:v3.14	python3	3.6.6-r1, 3.6.6-r2, 3.6.6-r3
Alpine:v3.12	python3	3.8.1-r3, 3.2.0-r0, 0
Alpine:v3.20	python3	3.3.4-r0, 3.3.3-r0, 3.3.2-r0
Alpine:v3.18	python3	3.6.6-r3, 3.2.0-r0, 3.3.3-r0
Alpine:v3.21	python3	3.6.7-r0, 3.8.1-r3, 3.8.1-r2
Alpine:v3.10	python3	3.7.5-r1, 3.7.5-r0, 3.7.4-r0
Alpine:v3.11	python3	3.5.2-r3, 3.5.2-r4, 3.5.2-r5

Timeline

Jan 28, 2020 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2020-8315 advisory

Open in Interactive Console →