Описание
An out-of-bounds read vulnerability was found in Pymongo. When using a crafted payload, this flaw allows an attacker to force the parser to deserialize unmanaged memory.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | python27:2.7/python-pymongo | Will not fix | ||
| Red Hat Enterprise Linux 8 | python36:3.6/python-pymongo | Will not fix | ||
| Red Hat OpenStack Platform 16.1 | openstack-panko | Not affected | ||
| Red Hat OpenStack Platform 16.2 | openstack-panko | Not affected | ||
| Red Hat OpenStack Platform 17.1 | python-pymongo | Affected | ||
| Red Hat Satellite 6 | python-pymongo | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2273859python-pymongo: out of bounds read
5.2 Medium
CVSS3
Связанные уязвимости
5.2 Medium
CVSS3