Lucene search
+L

12 matches found

OSV
OSV
added 2026/07/06 3:28 p.m.5 views

BIT-PYTHON-MIN-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling...

9.1CVSS5.7AI score0.00579EPSS
Exploits0References54
RedHat Linux
RedHat Linux
added 2026/05/20 11:27 a.m.11 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS7.7AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/05/19 6:24 p.m.10 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS7.7AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/05/19 1:35 p.m.9 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS7.7AI score0.00579EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.28 views

Amazon Linux 2 : python, --advisory ALAS2-2026-3280 (ALAS-2026-3280)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3280 advisory. Mitgation of CVE-2026-4519 was incomplete. If the URL contained %action the mitigation could be bypassed for certain brows...

9.1CVSS7.3AI score0.00579EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/27 9:31 p.m.10 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/04/27 3:0 p.m.10 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/04/27 9:47 a.m.12 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6AI score0.00579EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/04/27 2:7 a.m.19 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

9.1CVSS6AI score0.00579EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

FreeBSD : Python -- use-after-free vulnerability in decompressors under memory pressure (b8e9f33c-375d-11f1-a119-e36228bfe7d4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b8e9f33c-375d-11f1-a119-e36228bfe7d4 advisory. Seth Larson reports: There is a CRITICAL severity vulnerability affecting CPython. Use-after-free UAF w...

9.1CVSS5.7AI score0.00579EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/13 5:15 p.m.12 views

CVE-2026-6100

Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling...

9.1CVSS5.8AI score0.00579EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-6100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the...

9.1CVSS7AI score0.00579EPSS
Exploits0References4
Rows per page
Query Builder