Lucene search
K

28 matches found

AlpineLinux
AlpineLinux
added 2024/12/06 3:19 p.m.23 views

CVE-2024-12254

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7CVSS7.3AI score0.0188EPSS
Exploits0
OSV
OSV
added 2024/12/06 3:19 p.m.15 views

PSF-2024-14

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7CVSS7.2AI score0.0188EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/12/06 3:19 p.m.12 views

CVE-2024-12254 Unbounded memory buffering in SelectorSocketTransport.writelines()

Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer...

8.7CVSS7AI score0.0188EPSS
Exploits0References6
CVE
CVE
added 2024/12/06 3:19 p.m.704 views

CVE-2024-12254

Summary (CVE-2024-12254): In Python 3.12.0+ the asyncio._SelectorSocketTransport.writelines() path may fail to pause and drain the write buffer at the high-water mark, causing unbounded memory buffering and potential exhaustion. Affected: Python 3.12.x with asyncio protocols using writelines(); r...

8.7CVSS6.6AI score0.0188EPSS
Exploits0References8
Snyk
Snyk
added 2024/12/06 3:19 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the SelectorSocketTransport.writelines method not draining its buffers, when Protocols are in use. An attacker can cause this behavior which eventually exhausts available memor...

8.7CVSS7.1AI score0.0188EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.1 views

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python 3.12.0 and later, which stems from the fact that the...

8.7CVSS7.9AI score0.0188EPSS
Exploits0References8
Metasploit
Metasploit
added 2017/08/19 10:12 a.m.40 views

R Command Shell, Reverse TCP

Connect back and create a command shell via R This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 150 include Msf::Payload::Single include Msf::Payload::R include...

7.5AI score
Exploits0
Metasploit
Metasploit
added 2017/08/19 10:12 a.m.38 views

R Command Shell, Bind TCP

Continually listen for a connection and spawn a command shell via R This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 125 include Msf::Payload::Single include Msf::Payload::R include...

7.2AI score
Exploits0
Rows per page
Query Builder