Lucene search
UbuntuUSN-5767-2HistoryDec 08, 2022 - 12:00 a.m.
Python vulnerability
2022-12-0800:00:00
ubuntu.com
23
ubuntu 14.04 esm
ubuntu 16.04 esm
python2.7
python3.5
idna inputs
cve-2022-45061
security issue
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.5%
Releases
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Packages
- python2.7 - An interactive high-level object-oriented language
- python3.5 - An interactive high-level object-oriented language
Details
USN-5767-1 fixed a vulnerability in Python. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Python incorrectly handled certain IDNA inputs.
An attacker could possibly use this issue to expose sensitive information
denial of service, or cause a crash.
(CVE-2022-45061)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 16.04 | noarch | libpython2.7 | < 2.7.12-1ubuntu0~16.04.18+esm3 | UNKNOWN |
| Ubuntu | 16.04 | noarch | idle-python2.7 | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7 | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7-dbg | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7-dbgsym | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7-dev | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7-dev-dbgsym | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7-minimal | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7-minimal-dbgsym | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libpython2.7-stdlib | < 2.7.12-1ubuntu0~16.04.18 | UNKNOWN |
References
Related
ubuntucve
ubuntucve
CVE-2022-45061
2022-11-09 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : Python vulnerability (USN-5767-2)
2022-12-08 00:00:00
Fedora 36 : python3.12 (2022-de755fd092)
2022-12-21 00:00:00
Fedora 35 : python3.7 (2022-fdb2739feb)
2022-12-22 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: python3.7-3.7.16-1.fc35
2022-12-09 00:49:31
[SECURITY] Fedora 36 Update: python3.7-3.7.16-1.fc36
2022-12-16 01:43:25
[SECURITY] Fedora 37 Update: python3.10-3.10.9-1.fc37
2022-12-17 01:48:41
osv
osv
CVE-2022-45061
2022-11-09 07:15:09
BIT-python-2022-45061
2024-03-06 11:04:55
python2.7, python3.5 vulnerability
2022-12-08 17:10:11
veracode
veracode
Denial Of Service (DoS)
2022-12-12 08:25:10
amazon
amazon
Important: python3
2023-01-18 00:17:00
Important: python
2023-03-02 22:35:00
Important: python27
2023-03-30 22:50:00
oraclelinux
oraclelinux
python3.9 security update
2023-02-28 00:00:00
python27:2.7 security update
2023-05-24 00:00:00
python3 security update
2023-02-22 00:00:00
almalinux
almalinux
Moderate: python3.9 security update
2023-02-28 00:00:00
Moderate: python27:2.7 security update
2023-05-16 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Python below 3.9.16 affecting IBM Spectrum Protect Plus and its application agents for IBM Db2 and MongoDb2 using python.
2023-05-31 08:28:01
openvas
openvas
Huawei EulerOS: Security Advisory for python (EulerOS-SA-2023-1513)
2023-03-09 00:00:00
Fedora: Security Advisory for python3.10 (FEDORA-2022-e699dd5247)
2022-12-24 00:00:00
Fedora: Security Advisory for python3.10 (FEDORA-2022-b2f06fbb62)
2022-12-17 00:00:00
redhat
redhat
(RHSA-2023:2860) Moderate: python27:2.7 security update
2023-05-16 05:56:37
(RHSA-2023:0953) Moderate: python3.9 security update
2023-02-28 07:53:00
debiancve
debiancve
CVE-2022-45061
2022-11-09 07:15:09
redhatcve
redhatcve
CVE-2022-45061
2022-11-18 21:55:58
cbl_mariner
cbl_mariner
CVE-2022-45061 affecting package python3 3.7.13-6
2023-06-13 20:02:41
CVE-2022-45061 affecting package python2 2.7.18-13
2023-06-13 20:02:41
CVE-2022-45061 affecting package python3 for versions less than 3.9.14-5
2022-12-19 20:12:40
aix
aix
AIX is affected by a denial of service due to Python
2023-03-14 13:01:15
rocky
rocky
python3.9 security update
2023-04-06 15:53:31
python3 security update
2023-02-22 01:08:44
f5
f5
K000134706 : Python IDNA vulnerability CVE-2022-45061
2023-05-20 00:00:00
nvd
nvd
CVE-2022-45061
2022-11-09 07:15:09
cvelist
cvelist
CVE-2022-45061
2022-11-09 00:00:00
alpinelinux
alpinelinux
CVE-2022-45061
2022-11-09 07:15:09
cve
cve
CVE-2022-45061
2022-11-09 07:15:09
prion
prion
Code injection
2022-11-09 07:15:00
cloudlinux
cloudlinux
python: Fix of CVE-2022-45061
2022-11-23 20:50:30
cloudfoundry
cloudfoundry
USN-5767-1: Python vulnerabilities | Cloud Foundry
2023-01-26 00:00:00
redos
redos
ROS-20240409-01
2024-04-09 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0489
2022-11-17 00:00:00
Important Photon OS Security Update - PHSA-2022-0283
2022-11-16 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2022-12-08 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.5%
Related for USN-5767-2