Errata ALT-PU-2023-3007-1: Информация
Исправления
Опубликовано: 6 июня 2019 г.
BDU:2019-02881
Уязвимость функции BZ2_decompress утилиты для сжатия данных bzip2, позволяющая нарушителю выполнить произвольный код
Важность: HIGH (8,6) Вектор: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Ссылки:
Опубликовано: 30 июня 2016 г.
BDU:2021-01720
Уязвимость функции bzip2recover программного обеспечения для сжатия данных Bzip2, связанная с использованием после освобождения, позволяющая нарушителю вызвать отказ в обслуживании
Важность: MEDIUM (6,5) Вектор: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Ссылки:
Опубликовано: 23 марта 2022 г.
BDU:2022-01641
Уязвимость библиотеки zlib, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Важность: HIGH (8,2) Вектор: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Ссылки:
Опубликовано: 13 апреля 2022 г.
BDU:2022-03962
Уязвимость модуля mailcap интерпретатора языка программирования Python, позволяющая нарушителю выполнить произвольную команду
Важность: CRITICAL (9,8) Вектор: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки:
Опубликовано: 21 октября 2022 г.
BDU:2022-06445
Уязвимость криптографической хэш-функции SHA-3 программного пакета eXtended Keccak Code Package (XKCP), позволяющая нарушителю выполнить произвольный код
Важность: CRITICAL (9,8) Вектор: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки:
Опубликовано: 21 января 2014 г.
Изменено: 7 ноября 2023 г.
Изменено: 7 ноября 2023 г.
CVE-2013-0340
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.
Важность: MEDIUM (6,8)
Ссылки:
- [oss-security] 20130221 CVEs for libxml2 and expat internal and external XML entity expansion
- [oss-security] 20130413 Re-evaluating expat/libxml2 CVE assignments
- 90634
- 1028213
- 58233
- GLSA-201701-21
- https://support.apple.com/kb/HT212814
- https://support.apple.com/kb/HT212815
- https://support.apple.com/kb/HT212819
- https://support.apple.com/kb/HT212807
- https://support.apple.com/kb/HT212804
- https://support.apple.com/kb/HT212805
- 20210921 APPLE-SA-2021-09-20-7 Additional information for APPLE-SA-2021-09-13-3 macOS Big Sur 11.6
- 20210921 APPLE-SA-2021-09-20-6 Additional information for APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8
- 20210921 APPLE-SA-2021-09-20-3 tvOS 15
- 20210921 APPLE-SA-2021-09-20-2 watchOS 8
- 20210921 APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15
- 20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina
- [oss-security] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs
- 20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15
- 20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15
- 20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8
- https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d%40%3Cannounce.apache.org%3E
Опубликовано: 13 апреля 2022 г.
Изменено: 7 ноября 2023 г.
Изменено: 7 ноября 2023 г.
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
Важность: HIGH (7,6) Вектор: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
Ссылки:
- https://github.com/python/cpython/issues/68966
- https://bugs.python.org/issue24778
- https://security.netapp.com/advisory/ntap-20220616-0001/
- https://python-security.readthedocs.io/vuln/mailcap-shell-injection.html
- GLSA-202305-02
- [debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update
- [debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update
- FEDORA-2022-5ad25e3d3c
- FEDORA-2022-cece1d07d9
- FEDORA-2022-2e1d1205cf
- FEDORA-2022-4b0dfda810
- FEDORA-2022-1358cedf2d
- FEDORA-2022-0be85556b4
- FEDORA-2022-a8e50dc83e
- FEDORA-2022-4c788bdc40
- FEDORA-2022-9da5703d22
- FEDORA-2022-4a69d20cf4
- FEDORA-2022-5ea8aa7518
- FEDORA-2022-ec74ac4079
- FEDORA-2022-17a1bb7e78
- FEDORA-2022-dbe9a8f9ac
- FEDORA-2022-9dd70781cb
- FEDORA-2022-20e87fb0d1
- FEDORA-2022-9cd41b6709
- FEDORA-2022-d157a91e10
- FEDORA-2022-ce55d01569
- FEDORA-2022-b499f2a9c6
- FEDORA-2022-d1682fef04
- FEDORA-2022-79843dfb3c
Опубликовано: 30 июня 2016 г.
Изменено: 7 ноября 2023 г.
Изменено: 7 ноября 2023 г.
CVE-2016-3189
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
Важность: MEDIUM (6,5) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Ссылки:
- 1036132
- https://bugzilla.redhat.com/show_bug.cgi?id=1319648
- [oss-security] 20160620 CVE-2016-3189: bzip2 use-after-free on bzip2recover
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- 91297
- GLSA-201708-08
- [debian-lts-announce] 20190624 [SECURITY] [DLA 1833-1] bzip2 security update
- USN-4038-2
- USN-4038-1
- 20190715 [slackware-security] bzip2 (SSA:2019-195-01)
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- FreeBSD-SA-19:18
- 20190806 FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- [kafka-dev] 20200413 [jira] [Created] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-jira] 20200413 [jira] [Created] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-jira] 20200413 [jira] [Updated] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka
- [kafka-jira] 20200414 [jira] [Commented] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-jira] 20210729 [jira] [Comment Edited] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-jira] 20210729 [jira] [Commented] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-jira] 20210729 [jira] [Resolved] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-dev] 20210729 [jira] [Resolved] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
- [kafka-jira] 20210729 [jira] [Commented] (KAFKA-9858) CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
Опубликовано: 25 марта 2022 г.
Изменено: 7 ноября 2023 г.
Изменено: 7 ноября 2023 г.
CVE-2018-25032
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Важность: HIGH (7,5) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки:
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- [oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://github.com/madler/zlib/issues/605
- DSA-5111
- [debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update
- [debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://security.netapp.com/advisory/ntap-20220729-0004/
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update
- GLSA-202210-42
- https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
- FEDORA-2022-413a80a102
- FEDORA-2022-dbd2935e44
- FEDORA-2022-12b89e2aad
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-3a92250fd5
- FEDORA-2022-b58a85e167
Опубликовано: 20 июня 2019 г.
Изменено: 7 ноября 2023 г.
Изменено: 7 ноября 2023 г.
CVE-2019-12900
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
Важность: CRITICAL (9,8) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки:
- https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
- [debian-lts-announce] 20190624 [SECURITY] [DLA 1833-1] bzip2 security update
- USN-4038-2
- USN-4038-1
- 20190715 [slackware-security] bzip2 (SSA:2019-195-01)
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- [debian-lts-announce] 20190718 [SECURITY] [DLA 1833-2] bzip2 regression update
- openSUSE-SU-2019:1781
- FreeBSD-SA-19:18
- 20190806 FreeBSD Security Advisory FreeBSD-SA-19:18.bzip2
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- openSUSE-SU-2019:1918
- USN-4146-1
- USN-4146-2
- [debian-lts-announce] 20191010 [SECURITY] [DLA 1953-1] clamav security update
- [debian-lts-announce] 20191014 [SECURITY] [DLA 1953-2] clamav regression update
- openSUSE-SU-2019:2595
- openSUSE-SU-2019:2597
- https://www.oracle.com/security-alerts/cpuoct2020.html
- [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka
- https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS
- [flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
- [flink-user] 20210717 Re: Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni
Опубликовано: 9 сентября 2022 г.
Изменено: 1 июля 2023 г.
Изменено: 1 июля 2023 г.
CVE-2020-10735
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.
Важность: HIGH (7,5) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки:
- https://access.redhat.com/security/cve/CVE-2020-10735
- https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y
- https://bugzilla.redhat.com/show_bug.cgi?id=1834423
- https://github.com/python/cpython/issues/95778
- [oss-security] 20220921 big ints in python: CVE-2020-10735
- [oss-security] 20220921 Re: big ints in python: CVE-2020-10735
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/
- https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
Опубликовано: 23 августа 2022 г.
Изменено: 17 мая 2024 г.
Изменено: 17 мая 2024 г.
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
Важность: HIGH (7,4) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Ссылки:
- https://github.com/python/cpython/pull/93879
- https://bugs.python.org/issue43223
- https://github.com/python/cpython/pull/24848
- GLSA-202305-02
- FEDORA-2022-f511f8f58b
- FEDORA-2022-7fff0f2b0b
- FEDORA-2022-a27e239f5a
- FEDORA-2022-a2be4bd5d8
- FEDORA-2022-15f1aa7dc7
- FEDORA-2022-fde69532df
- FEDORA-2022-61d8e8d880
- FEDORA-2022-4ac2e16969
- FEDORA-2022-2173709172
- FEDORA-2022-01d5789c08
- FEDORA-2022-d1682fef04
- FEDORA-2022-79843dfb3c
- FEDORA-2022-20116fb6aa
- FEDORA-2022-7ca361a226
Опубликовано: 21 октября 2022 г.
Изменено: 3 мая 2023 г.
Изменено: 3 мая 2023 г.
CVE-2022-37454
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
Важность: CRITICAL (9,8) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Ссылки:
- https://news.ycombinator.com/item?id=33281106
- https://csrc.nist.gov/projects/hash-functions/sha-3-project
- https://mouha.be/sha-3-buffer-overflow/
- https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658
- [debian-lts-announce] 20221031 [SECURITY] [DLA 3174-1] pysha3 security update
- [debian-lts-announce] 20221101 [SECURITY] [DLA 3175-1] python3.7 security update
- DSA-5267
- DSA-5269
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
- https://eprint.iacr.org/2023/331
- https://news.ycombinator.com/item?id=35050307
- https://security.gentoo.org/glsa/202305-02
Опубликовано: 7 ноября 2022 г.
Изменено: 7 ноября 2023 г.
Изменено: 7 ноября 2023 г.
CVE-2022-42919
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.
Важность: HIGH (7,8) Вектор: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ссылки:
- https://github.com/python/cpython/issues/97514
- https://security.netapp.com/advisory/ntap-20221209-0006/
- https://github.com/python/cpython/issues/97514#issuecomment-1310277840
- https://github.com/python/cpython/compare/v3.10.8...v3.10.9
- https://github.com/python/cpython/compare/v3.9.15...v3.9.16
- GLSA-202305-02
- FEDORA-2022-1166a1df1e
- FEDORA-2022-028c09eaa7
- FEDORA-2022-b17bf30e88
- FEDORA-2022-462f39dd2f
- FEDORA-2022-a7cad6bd22
- FEDORA-2022-f44dd1bec2
- FEDORA-2023-af5206f71d
- FEDORA-2023-097dd40685
Опубликовано: 9 ноября 2022 г.
Изменено: 7 ноября 2023 г.
Изменено: 7 ноября 2023 г.
CVE-2022-45061
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
Важность: HIGH (7,5) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ссылки:
- https://github.com/python/cpython/issues/98433
- https://security.netapp.com/advisory/ntap-20221209-0007/
- GLSA-202305-02
- [debian-lts-announce] 20230524 [SECURITY] [DLA 3432-1] python2.7 security update
- [debian-lts-announce] 20230630 [SECURITY] [DLA 3477-1] python3.7 security update
- FEDORA-2022-45d2cfdfa4
- FEDORA-2022-3e859b6bc6
- FEDORA-2022-e1ce71ff40
- FEDORA-2022-fdb2739feb
- FEDORA-2022-6f4e6120d7
- FEDORA-2022-e6d0495206
- FEDORA-2022-6d51289820
- FEDORA-2022-50deb53896
- FEDORA-2022-93c6916349
- FEDORA-2022-18b234c18b
- FEDORA-2022-de755fd092
- FEDORA-2022-fd3771db30
- FEDORA-2022-6b8b96f883
- FEDORA-2022-3d7e44dbd5
- FEDORA-2022-b2f06fbb62
- FEDORA-2022-6ba889e0e3
- FEDORA-2022-dbb811d203
- FEDORA-2022-e699dd5247
- FEDORA-2022-fbf6a320fe
- FEDORA-2022-bcf089dd07
- FEDORA-2023-a990c93ed0
- FEDORA-2023-78b4ce2f23
- FEDORA-2023-af5206f71d
- FEDORA-2023-943556a733
- FEDORA-2023-097dd40685
- FEDORA-2023-f1381c83af
- FEDORA-2023-129178fd27
- FEDORA-2023-c43a940a93
- FEDORA-2023-5460cf6dfb