Lucene search
K

6 matches found

CBLMariner
CBLMariner
added 2024/08/25 3:13 p.m.70 views

CVE-2023-6507 affecting package python3 for versions less than 3.12.3-1

CVE-2023-6507 affecting package python3 for versions less than 3.12.3-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS6.9AI score0.01326EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.53 views

Ubuntu: Security Advisory (USN-6891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.23293EPSS
Exploits27References2
SUSE CVE
SUSE CVE
added 2023/12/12 1:6 a.m.5 views

SUSE CVE-2023-6507

An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...

4.9CVSS8.7AI score0.01326EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/12/08 7:15 p.m.50 views

CVE-2023-6507

An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...

6.1CVSS6.7AI score0.01326EPSS
Exploits0References3
CVE
CVE
added 2023/12/08 6:20 p.m.103 views

CVE-2023-6507

Affects CPython 3.12.0 on POSIX via the subprocess module. When using extra_groups=[], the code regressed to not calling setgroups(0, NULL) before exec(), so original process groups aren’t dropped before starting the new process. The issue only impacts privileged CPython processes (typically root...

6.1CVSS5.7AI score0.01326EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2023/12/08 6:20 p.m.40 views

CVE-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter

An issue was found in CPython 3.12.0 subprocess module on POSIX platforms. The issue was fixed in CPython 3.12.1 and does not affect other stable releases. When using the extragroups= parameter with an empty list as a value ie extragroups= the logic regressed to not call setgroups0, NULL before...

6.1CVSS6.7AI score0.01326EPSS
Exploits0References5
Rows per page
Query Builder