2 matches found
GO-2020-0015 Infinite loop when decoding some inputs in golang.org/x/text
An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to transform.String. If used to parse user supplied input, this may be used as a denial of service...
Ubuntu 11.04 / 11.10 / 12.04 LTS / 12.10 : python3.2 vulnerabilities (USN-1615-1)
It was discovered that Python distutils contained a race condition when creating the /.pypirc file. A local attacker could exploit this to obtain sensitive information. CVE-2011-4944 It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A...