RedosROS-20240409-02ROS-20240409-02
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
47.2%
Vulnerability of the hmac.compare_digest function of the Lib/hmac.py library of the programming language interpreter
Python is related to synchronization errors when using a shared resource (“Race Situation”).
Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges
A vulnerability in the Python programming language interpreter is related to incorrect resource initialization.
Exploitation of the vulnerability could allow a remote intruder to disclose protected information
information
Vulnerability in the plistlib module of the Python programming language interpreter is related to incorrect restriction of XML links to external objects.
XML links to external objects. Exploitation of the vulnerability could allow an attacker acting remotely to conduct an XXE attack.
remotely to conduct XXE attacks
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
47.2%