CVE-2023-33595

Опубликовано: 07 июн. 2023

Источник: debian

Описание

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.

Пакет	Статус	Тип
python3.11	not-affected	package
python3.10	not-affected	package
python3.9	not-affected	package
python3.7	not-affected	package
python2.7	not-affected	package

https://github.com/python/cpython/issues/103824
Introduced by: https://github.com/python/cpython/commit/1ef61cf71a218c71860ff6aecf0fd51edb8b65dc (v3.12.0b1)
Fixed by: https://github.com/python/cpython/commit/d5a97074d24cd14cb2a35a2b1ad3074863cde264 (v3.12.0b1)

CVE-2023-33595

CVSS3: 5.5

ubuntu

около 2 лет назад

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.

CVE-2023-33595

CVSS3: 5.5

nvd

около 2 лет назад

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.

GHSA-pqc2-g93j-9599

CVSS3: 5.5

github

около 2 лет назад

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.