RHSA-2024:0430MediumCVSS 7.5
Red Hat Security Advisory: python3 security update
🔗 CVE IDs covered (6)
📋 Description
CVE-2007-4559 — python: tarfile module directory traversal CVE-2020-10735 — python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS CVE-2022-45061 — python: CPU denial of service via inefficient IDNA decoder CVE-2022-48560 — python: use after free in heappushpop() of heapq module CVE-2022-48564 — python: DoS when processing malformed Apple Property List files in binary format CVE-2023-27043 — python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
🔗 References (9)
- selfhttps://access.redhat.com/errata/RHSA-2024:0430
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=263261
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1834423
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2144072
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2196183
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2249750
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2249755
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0430.json