CVE-2019-9674

Опубликовано: 04 фев. 2020

Источник: debian

Описание

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

Пакет	Статус	Тип
python3.8	removed	package
python3.7	removed	package
python3.5	removed	package
python3.4	removed	package
python2.7	unfixed	package

https://bugs.python.org/issue36260
https://bugs.python.org/issue36462
Improved documentation: https://github.com/python/cpython/commit/3ba51d587f6897a45301ce9126300c14fcd4eba2

CVE-2019-9674

CVSS3: 7.5

ubuntu

больше 5 лет назад

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

CVE-2019-9674

CVSS3: 4.2

redhat

больше 6 лет назад

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

CVE-2019-9674

CVSS3: 7.5

nvd

больше 5 лет назад

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

CVE-2019-9674

CVSS3: 7.5

msrc

9 месяцев назад

Описание отсутствует

GHSA-h33x-58qw-vqrp

CVSS3: 7.5

github

около 3 лет назад

Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.