5 matches found
Amazon Linux 2023 : python3.14, python3.14-devel, python3.14-freethreading (ALAS2023-2026-1774)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1774 advisory. The tarfile module would still apply normalization of AREGTYPE \x00 blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPELONGNAME or GNUTYPELONGLINK. This could result ...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability that stems from the sockrecfrominto method in asyncio, where the nbytes parameter lacks a data buffer boundary check. This could lead to out-of-buffer writing when the amount o...
K000149683: Python asyncio vulnerability CVE-2024-12254
Security Advisory Description Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodicall...
Important: python3.12
Issue Overview: Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the...
The vulnerability of the `asyncio._SelectorSocketTransport.writelines()` method in the Python programming language, which allows a hacker to cause a denial-of-service attack
The vulnerability of the asyncio.SelectorSocketTransport.writelines method in the Python programming language is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause a service failure...