Логотип exploitDog
bind:CVE-2019-12760
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2019-12760

Количество 4

Количество 4

ubuntu логотип

CVE-2019-12760

около 6 лет назад

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration.

CVSS3: 3.3
EPSS: Низкий
nvd логотип

CVE-2019-12760

около 6 лет назад

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration.

CVSS3: 3.3
EPSS: Низкий
debian логотип

CVE-2019-12760

около 6 лет назад

A deserialization vulnerability exists in the way parso through 0.4.0 ...

CVSS3: 3.3
EPSS: Низкий
github логотип

GHSA-22mf-97vh-x8rw

около 6 лет назад

Deserialization vulnerability exists in parso

CVSS3: 7.5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration.

CVSS3: 3.3
1%
Низкий
около 6 лет назад
nvd логотип
CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration.

CVSS3: 3.3
1%
Низкий
около 6 лет назад
debian логотип
CVE-2019-12760

A deserialization vulnerability exists in the way parso through 0.4.0 ...

CVSS3: 3.3
1%
Низкий
около 6 лет назад
github логотип
GHSA-22mf-97vh-x8rw

Deserialization vulnerability exists in parso

CVSS3: 7.5
1%
Низкий
около 6 лет назад

Уязвимостей на страницу