Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-48564HistoryAug 22, 2023 - 7:16 p.m.
CVE-2022-48564
2023-08-2219:16:31
Debian Security Bug Tracker
security-tracker.debian.org
15
python
read_ints
vulnerability
dos attack
apple property list
binary format
cpu exhaustion
ram exhaustion
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
24.1%
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pypy3 | < 7.3.5+dfsg-2 | pypy3_7.3.5+dfsg-2_all.deb |
| Debian | 11 | all | pypy3 | < 7.3.5+dfsg-2 | pypy3_7.3.5+dfsg-2_all.deb |
| Debian | 999 | all | pypy3 | < 7.3.5+dfsg-2 | pypy3_7.3.5+dfsg-2_all.deb |
| Debian | 13 | all | pypy3 | < 7.3.5+dfsg-2 | pypy3_7.3.5+dfsg-2_all.deb |
| Debian | 11 | all | python2.7 | < 2.7.18-8+deb11u1 | python2.7_2.7.18-8+deb11u1_all.deb |
| Debian | 11 | all | python3.9 | < 3.9.1~rc1-1 | python3.9_3.9.1~rc1-1_all.deb |
Related
osv
osv
CVE-2022-48564
2023-08-22 19:16:31
DoS when reading malformed Apple Property List files in binary format
2023-08-22 00:00:00
BIT-python-2022-48564
2024-03-06 11:04:33
cvelist
cvelist
CVE-2022-48564
2023-08-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-08-30 22:31:02
redhatcve
redhatcve
CVE-2022-48564
2023-11-15 17:43:48
nvd
nvd
CVE-2022-48564
2023-08-22 19:16:31
openvas
openvas
ubuntucve
ubuntucve
CVE-2022-48564
2023-08-22 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Python [CVE-2022-48564]
2023-11-30 19:02:30
Security Bulletin: Vulnerability in Python affects IBM Process Mining . Multiple CVEs
2023-10-09 10:43:31
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-03-27 20:12:33
prion
prion
Format string
2023-08-22 19:16:00
cve
cve
CVE-2022-48564
2023-08-22 19:16:31
f5
f5
K000140251: Python vulnerabilities CVE-2022-48564 and CVE-2022-48566
2024-07-03 00:00:00
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM : Python vulnerabilities (USN-6513-1)
2023-11-23 00:00:00
RHEL 8 : python3 (RHSA-2024:0114)
2024-01-10 00:00:00
Oracle Linux 8 : python3 (ELSA-2024-0114)
2024-01-10 00:00:00
almalinux
almalinux
Moderate: python3 security update
2024-01-10 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2023-11-23 00:00:00
Python vulnerability
2023-11-27 00:00:00
cloudfoundry
cloudfoundry
USN-6513-2: Python vulnerability | Cloud Foundry
2024-03-18 00:00:00
oraclelinux
oraclelinux
python3 security update
2024-01-10 00:00:00
redhat
redhat
(RHSA-2024:0114) Moderate: python3 security update
2024-01-10 09:25:45
(RHSA-2024:0586) Moderate: python3 security update
2024-01-30 12:53:25
(RHSA-2024:0430) Moderate: python3 security update
2024-01-24 14:40:33
debian
debian
[SECURITY] [DLA 3614-1] python3.7 security update
2023-10-11 19:33:59
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0646
2023-09-09 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
24.1%
Related for DEBIANCVE:CVE-2022-48564