Lucene search
MitreCVE-2022-48564HistoryAug 22, 2023 - 7:16 p.m.
CVE-2022-48564
2023-08-2219:16:31
CWE-400
mitre
web.nvd.nist.gov
425
python
vulnerability
plistlib.py
cpu exhaustion
ram exhaustion
dos
cve-2022-48564
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6
Confidence
High
EPSS
0.001
Percentile
35.7%
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
Affected configurations
Node
pythonpythonRange<3.6.13
ORpythonpythonRange3.7.0–3.7.10
ORpythonpythonRange3.8.0–3.8.7
ORpythonpythonRange3.9.0–3.9.1
Node
netappactive_iq_unified_managerMatch-vmware_vsphere
ORnetappactive_iq_unified_managerMatch-windows
| Vendor | Product | Version | CPE |
|---|---|---|---|
| python | python | * | cpe:2.3:a:python:python:*:*:*:*:*:*:*:* |
| netapp | active_iq_unified_manager | - | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* |
| netapp | active_iq_unified_manager | - | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* |
Related
osv
osv
CVE-2022-48564
2023-08-22 19:16:31
CGA-4qh5-c7fr-956h
2024-06-06 12:22:41
CGA-rf6m-7vpm-p4wp
2024-06-06 12:26:22
cvelist
cvelist
CVE-2022-48564
2023-08-22 00:00:00
redhatcve
redhatcve
CVE-2022-48564
2023-11-15 17:43:48
nvd
nvd
CVE-2022-48564
2023-08-22 19:16:31
veracode
veracode
Denial Of Service (DoS)
2023-08-30 22:31:02
ubuntucve
ubuntucve
CVE-2022-48564
2023-08-22 00:00:00
openvas
openvas
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Python [CVE-2022-48564]
2023-11-30 19:02:30
Security Bulletin: Vulnerability in Python affects IBM Process Mining . Multiple CVEs
2023-10-09 10:43:31
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-03-27 20:12:33
prion
prion
Format string
2023-08-22 19:16:00
debiancve
debiancve
CVE-2022-48564
2023-08-22 19:16:31
almalinux
almalinux
Moderate: python3 security update
2024-01-10 00:00:00
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM : Python vulnerabilities (USN-6513-1)
2023-11-23 00:00:00
RHEL 8 : python3 (RHSA-2024:0114)
2024-01-10 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Python vulnerability (USN-6513-2)
2023-11-27 00:00:00
f5
f5
K000140251: Python vulnerabilities CVE-2022-48564 and CVE-2022-48566
2024-07-03 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2023-11-23 00:00:00
Python vulnerability
2023-11-27 00:00:00
Python vulnerabilities
2024-07-11 00:00:00
oraclelinux
oraclelinux
python3 security update
2024-01-10 00:00:00
redhat
redhat
(RHSA-2024:0114) Moderate: python3 security update
2024-01-10 09:25:45
(RHSA-2024:0586) Moderate: python3 security update
2024-01-30 12:53:25
(RHSA-2024:0430) Moderate: python3 security update
2024-01-24 14:40:33
cloudfoundry
cloudfoundry
USN-6513-2: Python vulnerability | Cloud Foundry
2024-03-18 00:00:00
amazon
amazon
Important: python3
2023-10-25 21:40:00
debian
debian
[SECURITY] [DLA 3614-1] python3.7 security update
2023-10-11 19:33:59
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0646
2023-09-09 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6
Confidence
High
EPSS
0.001
Percentile
35.7%
Related for CVE-2022-48564