Description
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
A flaw was found in the way the json module handled negative index argument passed to certain functions (such as raw_decode()). An attacker able to control index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory.
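A caller-side guard for the condition described above, added here as an example and not taken from Red Hat, CPython or simplejson: it validates an externally supplied index before it reaches raw_decode. The helper names (check_index, checked_raw_decode, iter_values) and the sample buffer are assumptions constructed for illustration.

```python
import json

# Constructed sample: three JSON values separated by whitespace.
SAMPLE = '{"user": "alice"} [1, 2, 3]\n"tail"'
_WS = " \t\n\r"


def check_index(text, idx):
    """Return idx if it is an int with 0 <= idx < len(text), else raise."""
    # bool is a subclass of int; refuse it together with float, str, None.
    if isinstance(idx, bool) or not isinstance(idx, int):
        raise TypeError("idx must be an int, got %s" % type(idx).__name__)
    if not 0 <= idx < len(text):
        raise ValueError("idx %d is outside 0..%d" % (idx, len(text) - 1))
    return idx


def checked_raw_decode(text, idx=0, decoder=None):
    """Decode one JSON value at idx; the index is validated first."""
    decoder = decoder or json.JSONDecoder()
    return decoder.raw_decode(text, check_index(text, idx))


def iter_values(text, start=0):
    """Yield (value, end_offset) for each JSON value from start onward."""
    idx = check_index(text, start)
    decoder = json.JSONDecoder()
    while True:
        # raw_decode does not skip leading whitespace, so skip it here.
        while idx < len(text) and text[idx] in _WS:
            idx += 1
        if idx == len(text):
            return
        value, idx = decoder.raw_decode(text, idx)
        yield value, idx


if __name__ == "__main__":
    for value, end in iter_values(SAMPLE):
        print(end, value)
    for bad in (-1, -len(SAMPLE), len(SAMPLE), 2.0, True):
        try:
            checked_raw_decode(SAMPLE, bad)
        except (TypeError, ValueError) as exc:
            print("rejected %r: %s" % (bad, exc))
```

The guard is independent of the installed json or simplejson version, so it also covers hosts listed as "Will not fix" in the table below.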
Statement
This issue affects the versions of python as shipped with Red Hat Enterprise Linux 7, the versions of python-simplejson as shipped with Red Hat Enterprise Linux 5 and 6, and the versions of python33-python and python33-python-simplejson as shipped with Red Hat Software Collections. Red Hat Product Security has rated this issue as having Moderate security impact. Future updates may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Affected packages
Platform | Package | State | Recommendation | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 5 | python | Not affected | | |
Red Hat Enterprise Linux 5 | python-simplejson | Will not fix | | |
Red Hat Enterprise Linux 6 | python | Not affected | | |
Red Hat Enterprise Linux 6 | python-simplejson | Will not fix | | |
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | python-simplejson | Affected | | |
Red Hat Software Collections | python27-python | Affected | | |
Red Hat Software Collections | python27-python-simplejson | Affected | | |
Red Hat Software Collections | python33-python | Will not fix | | |
Red Hat Software Collections | python33-python-simplejson | Will not fix | | |
Red Hat Software Collections | rh-python34-python | Not affected | | |
Additional information
Status:
EPSS
CVSS2: 4 Medium
Related vulnerabilities
Array index error in the scanstring function in the _json module in Py ...
simplejson before 2.6.1 vulnerable to array index error
ELSA-2015-2101: python security, bug fix, and enhancement update (MODERATE)