Page 8 of 53 results (0.017 seconds)

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15. El acelerador de C elementtree en Python no inicializa la sal del hash Expat durante la inicialización. Esto podría facilitar llevar a cabo ataques de denegación de servicio (DoS) contra Expat construyendo un documento XML que provocaría colisiones de hashes en las estructuras internas de datos de Expat, consumiendo grandes cantidades de CPU y RAM. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.securityfocus.com/bid/105396 http://www.securitytracker.com/id/1041740 https://access.redhat.com/errata/RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:2030 https://access.redhat.com/errata/RHSA-2019:3725 https://bugs.python.org/issue34623 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14647 https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.boo • CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) CWE-665: Improper Initialization CWE-909: Missing Initialization of Resource •

CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 1

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service. Python antes de las versiones 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 y 3.7.0 es vulnerable a un retroceso catastrófico en el método apop () de pop3lib. Un atacante podría usar este fallo para causar la denegación de servicio. A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop() method. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.securitytracker.com/id/1042001 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3041 https://access.redhat.com/errata/RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:3725 https://bugs.python.org/issue32981 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060 https://docs.python.org/ • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. python en versiones anteriores a la 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 y 3.7.0 es vulnerable a backtracking catastrófico en el método difflib.IS_LINE_JUNK. Un atacante podría utilizar este fallo para provocar una denegación de servicio (DoS). A flaw was found in the way catastrophic backtracking was implemented in python's difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.securitytracker.com/id/1042001 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3041 https://access.redhat.com/errata/RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:3725 https://bugs.python.org/issue32981 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061 https://docs.python.org/ • CWE-20: Improper Input Validation •

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 1

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5. Python Software Foundation CPython, desde la versión 3.2 hasta la 3.6.4 en Windows, contiene una vulnerabilidad de desbordamiento de búfer en la función os.symlink() de Windows que puede resultar en la ejecución de código arbitrario y en un escalado de privilegios. El ataque parece ser explotable mediante un script de python que crea un symlink con un nombre o ubicación controlado por un atacante. • https://github.com/u0pattern/CVE-2018-1000117-Exploit https://bugs.python.org/issue33001 https://github.com/python/cpython/pull/5989 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions. ** EN DISPUTA ** La función Wave_read._read_fmt_chunk en Lib/wave.py en Python, hasta la versión 3.6.4, no garantiza un valor de canal nonzero, lo que permite que atacantes remotos provoquen una denegación de servicio (error de división entre cero y cierre inesperado de la aplicación) mediante un archivo de audio wav manipulado. NOTA: el vendedor informa que las aplicaciones de Python "necesitan estar preparadas para manejar una amplia variedad de excepciones". • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html https://bugs.python.org/issue32056 • CWE-369: Divide By Zero •