Описание
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
Ссылки
- Issue TrackingVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitPatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
- Issue TrackingVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitPatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
Одно из
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
Array index error in the scanstring function in the _json module in Py ...
simplejson before 2.6.1 vulnerable to array index error
ELSA-2015-2101: python security, bug fix, and enhancement update (MODERATE)
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2