ID de Prueba:	1.3.6.1.4.1.25623.1.0.118212
Categoría:	Denial of Service
Título:	Python <= 3.7.2 DoS Vulnerability (bpo-36260) - Windows
Resumen:	Python is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Python is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: 'Lib/zipfile.py' in Python allows remote attackers to cause a DOS (resource consumption) via a ZIP bomb. Affected Software/OS: Python through version 3.7.2. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-9674 https://bugs.python.org/issue36260 https://bugs.python.org/issue36462 https://github.com/python/cpython/blob/master/Lib/zipfile.py https://python-security.readthedocs.io/security.html#archives-and-zip-bomb https://www.python.org/news/security/ SuSE Security Announcement: openSUSE-SU-2020:0274 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html SuSE Security Announcement: openSUSE-SU-2020:0696 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html https://usn.ubuntu.com/4428-1/
Copyright	Copyright (C) 2021 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.