Veracode Vulnerability Database, VERACODE:24486
History: Apr 10, 2020 - 12:55 a.m.

Denial Of Service (DoS)

2020-04-10 00:55:28
Veracode Vulnerability Database (sca.analysiscenter.veracode.com)
Tags: python, buffer over-read, expat parser, vulnerability, xml, file, denial of service, software

EPSS: 0.029 (percentile: 91.0%)

Python is vulnerable to denial of service (DoS). A buffer over-read flaw exists in the way the Python Expat parser handles malformed UTF-8 sequences when processing XML files. A specially crafted XML file could cause Python applications that use the Python Expat parser to crash while parsing the file.
