IBM Advanced Management Module (AMM) has addressed the following vulnerabilities in python.
CVEID: CVE-2018-1061 DESCRIPTION: Python is vulnerable to a denial of service, caused by catastrophic backtracking in the difflib.IS_LINE_JUNK method. A remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145115> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2018-1060 DESCRIPTION: Python is vulnerable to a denial of service, caused by catastrophic backtracking in the pop3lib’'s apop() method. A remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145116> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
CVEID: CVE-2016-5636 DESCRIPTION: zipimport module for Python is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the get_data() function in zipimport.c. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114309> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Product
|
Affected Version
—|—
IBM BladeCenter Advanced Management Module (AMM)
| BPET
IBM BladeCenter T Advanced Management Module (AMM)
| BBET
Firmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>
Product
|
Affected Version
—|—
IBM BladeCenter Advanced Management Module (AMM)
(ibm_fw_amm_bpet68l-3.68l_anyos_noarch)
| bpet68l-3.68l
IBM BladeCenter T Advanced Management Module (AMM)
(ibm_fw_amm_bbet68l-3.68l_anyos_noarch)
| bbet68l-3.68l
None
CPE | Name | Operator | Version |
---|---|---|---|
system x blades | eq | any |