Lucene search
K

38 matches found

Rockylinux
Rockylinux
added 2022/11/16 10:10 a.m.33 views

python39:3.9 security update

An update is available for python-psycopg2, python-PyMySQL, python-lxml, python3x-six, python-toml, python-urllib3, PyYAML, python-requests, modwsgi, python3x-pip, python-chardet, python-psutil, python-ply, python-wheel, python-pysocks, python-pycparser, python39, python-cffi, python3x-setuptools...

7.8CVSS7.8AI score0.00603EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.36 views

CentOS 8 : python39:3.9 (CESA-2022:8492)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:8492 advisory. - python: local privilege escalation via the multiprocessing forkserver start method CVE-2022-42919 Note that Nessus has not tested for this issue but has inste...

7.8CVSS7.2AI score0.00603EPSS
Exploits0References2
OSV
OSV
added 2022/11/16 12:0 a.m.21 views

ALSA-2022:8493 Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS8.1AI score0.00603EPSS
Exploits0References4
OSV
OSV
added 2022/11/11 11:4 a.m.5 views

OESA-2022-2097 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

7.8CVSS9AI score0.00603EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2022/11/09 8:0 a.m.3 views

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library when used with the forkserver start method on Linux allows pickles to be deserialized from any user in the same machine local network namespace which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3 but users would need to make specific

...

7.8CVSS7.6AI score0.00603EPSS
Exploits0
NVD
NVD
added 2022/11/07 12:15 a.m.17 views

CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS0.00603EPSS
Exploits0References15
OSV
OSV
added 2022/11/07 12:15 a.m.1 views

DEBIAN-CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS7.6AI score0.00603EPSS
Exploits0References1
OSV
OSV
added 2022/11/07 12:15 a.m.1 views

ALPINE-CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS7.3AI score0.00603EPSS
Exploits0References1
OSV
OSV
added 2022/11/07 12:15 a.m.8 views

AZL-11394 CVE-2022-42919 affecting package python3 for versions less than 3.9.19-1

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS7AI score0.00603EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/06 12:0 a.m.31 views

CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

8.2AI score0.00603EPSS
Exploits0References14
Debian CVE
Debian CVE
added 2022/11/06 12:0 a.m.103 views

CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS7.7AI score0.00603EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/11/06 12:0 a.m.75 views

CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS8.2AI score0.00603EPSS
Exploits0
OSV
OSV
added 2022/11/06 12:0 a.m.32 views

PSF-2022-9 Linux specific local privilege escalation via the multiprocessing forkserver start method

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS8AI score0.00603EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.31 views

Ubuntu 22.04 LTS : Python vulnerability (USN-5713-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5713-1 advisory. Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue...

7.8CVSS7.9AI score0.00603EPSS
Exploits0References2
OSV
OSV
added 2022/11/02 12:0 a.m.1 views

UBUNTU-CVE-2022-42919

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

7.8CVSS7AI score0.00603EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2022/10/31 4:25 a.m.41 views

CVE-2022-42919

A vulnerability found in Python. The flaw occurs when used with the forkserver start method on Linux. The Python multiprocessing library allows Python pickles to be deserialized from any user in the same machine's local network namespace in many system configurations, which means any user on the...

7.8CVSS8AI score0.00603EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.2 views

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. Python suffers from a security vulnerability that stems from the Python multiprocessing library, when used with th...

7.8CVSS7.4AI score0.00603EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2020/03/10 12:0 a.m.10 views

PT-2022-5291 · Python +9 · Python +9

Name of the Vulnerable Software and Affected Versions: Python versions 3.9.x through 3.9.15 Python versions 3.10.x through 3.10.8 Description: The issue is related to the Python multiprocessing library when used with the forkserver start method on Linux, allowing pickles to be deserialized from a...

9.8CVSS7.1AI score0.73461EPSS
Exploits53References354
Rows per page
Query Builder