Test Kennung:	1.3.6.1.4.1.25623.1.0.113724
Kategorie:	Denial of Service
Titel:	Python <= 3.8.3 DoS Vulnerability - Mac OS X
Zusammenfassung:	Python is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: Python is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: An attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. Vulnerability Impact: Successful exploitation would allow an attacker to deny legitimate users access to the application or exhaust a system's resources. Affected Software/OS: Python through version 3.8.3. Solution: Updates are available. Please see the references for more information. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-20907 https://bugs.python.org/issue39017 https://github.com/python/cpython/pull/21454 https://security.netapp.com/advisory/ntap-20200731-0002/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YILCHHTNLH4GG4GSQBX2MZRKZBXOLCKE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PDKKRXLNVXRF6VGERZSR3OMQR5D5QI6I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTBKKOLFFNHG6CM4ACDX4APHSD5ZX5N4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TOGKLGTXZLHQQFBVCAPSUDA6DOOJFNRY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CTUNTBJ3POHONQOTLEZC46POCIYYTAKZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSL3XWVDMSMKO23HR74AJQ6VEM3C2NTS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE4O3PNDNNOMSKHNUKZKD3NGHIFUFDPX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3TALOUBYU2MQD4BPLRTDQUMBKGCAXUA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36XI3EEQNMHGOZEI63Y7UV6XZRELYEAU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXI72HIHMXCQFWTULUXDG7VDA2BCYL4Y/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V53P2YOLEQH4J7S5QHXMKMZYFTVVMTMO/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VT4AF72TJ2XNIKCR4WEBR7URBJJ4YZRD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAXHCY4V3LPAAJOBCJ26ISZ4NUXQXTUZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CNHPQGSP2YM3JAUD2VAMPXTIUQTZ2M2U/ https://security.gentoo.org/glsa/202008-01 https://www.oracle.com/security-alerts/cpujan2021.html https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html https://lists.debian.org/debian-lts-announce/2020/11/msg00032.html https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html SuSE Security Announcement: openSUSE-SU-2020:1254 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00051.html SuSE Security Announcement: openSUSE-SU-2020:1257 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00052.html SuSE Security Announcement: openSUSE-SU-2020:1258 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00053.html SuSE Security Announcement: openSUSE-SU-2020:1265 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00056.html https://usn.ubuntu.com/4428-1/
Copyright	Copyright (C) 2020 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.