Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-14422

A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects, possibly resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14422)

Source

ALAS2-2023-2151

Amazon Linux 2 Security Advisory: ALAS-2023-2151
Advisory Release Date: 2023-07-17 17:40 Pacific
Advisory Updated Date: 2023-07-19 22:18 Pacific

Severity: Medium

References: CVE-2020-14422
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A vulnerability was found in the way the ipaddress python module computes hash values in the IPv4Interface and IPv6Interface classes. This flaw allows an attacker to create many dictionary entries, due to the performance of a dictionary containing the IPv4Interface or IPv6Interface objects, possibly resulting in a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2020-14422)

Affected Packages:

python-pip

Issue Correction:
Run yum update python-pip to update your system.

New Packages:

noarch:
    python2-pip-20.2.2-1.amzn2.0.4.noarch
    python3-pip-20.2.2-1.amzn2.0.4.noarch
    python-pip-wheel-20.2.2-1.amzn2.0.4.noarch

src:
    python-pip-20.2.2-1.amzn2.0.4.src

Additional References

Red Hat: CVE-2020-14422

Mitre: CVE-2020-14422

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2-2023-2151

ALAS2-2023-2151

Additional References

Vulmon Search

About

Products

Connect