Описание
OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | DNE | |
| lucid | DNE | |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | released | 1.4.8-0ubuntu2.2 |
| quantal | not-affected | 1.7.2-0ubuntu1 |
| raring | not-affected | |
| upstream | released | 1.7.0 |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
OpenStack Object Storage (swift) before 1.7.0 uses the loads function ...
OpenStack Object Storage (swift) Code Injection vulnerability
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3