4 matches found
aihub-things (=0.5.0) potentially affected by CVE-2018-12680 via coapthon (=4.0.2)
coapthon PYPI version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on coapthon and may be impacted: - aihub-things =0.5.0 Source cves: CVE-2018-12680 Source advisory: OSV:GHSA-5XC6-FPC7-4QVG...
aihub-things (=0.5.0) potentially affected by CVE-2018-12680 via coapthon (=4.0.2)
coapthon PYPI version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on coapthon and may be impacted: - aihub-things =0.5.0 Source cves: CVE-2018-12680 Source advisory: OSV:PYSEC-2019-165...
CVE-2018-12680
The Serialize.deserialize method in CoAPthon 3.1, 4.0.0, 4.0.1, and 4.0.2 mishandles certain exceptions, leading to a denial of service in applications that use this library e.g., the standard CoAP server, CoAP client, CoAP reverse proxy, example collect CoAP server and client when they receive...
CVE-2018-12680
The CVE-2018-12680 entry concerns CoAPthon’s Serialize.deserialize() in versions 3.1, 4.0.0, 4.0.1 and 4.0.2, where certain exceptions are mishandled, causing a denial of service in applications using the library (e.g., standard CoAP server/client, reverse proxy, and example collect CoAP server/c...