VDB
CVE-2020-15523
CVE-2020-15523
PUBLISHED
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.
EPSS 0.09% · 24.8th percentile
Risk Scores
EPSS Score
0.09%
24.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | libpython | 3.5.0, 3.6.0, 3.7.0 |
| Bitnami | libpython | 3.8.0, 3.7.0, 3.6.0 |
| Bitnami | python-min | 3.8.0, 3.7.0, 3.8.0 |
| Bitnami | python | 3.6.0, 3.5.0, 3.7.0 |
| Bitnami | python | 3.6.0, 3.5.0, 3.8.0 |
| Bitnami | python-min | 3.8.0, 3.5.0, 3.6.0 |
Exploit Intelligence
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- zephyr-crosstool-arm-grype.html (github-poc)
- zephyr-crosstool-arm-grype.html (github-poc)
- zephyr-crosstool-arm-grype.html (github-poc)
…and 5 more exploits
Timeline
- Jul 4, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score