Array index error in the scanstring function in the _json module in Python 2.7 up to and including 3.5 and simplejson prior to 2.6.1 allows context-dependent malicious users to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python python |
||
simplejson project simplejson |
||
opensuse project opensuse 12.3 |
||
opensuse opensuse 13.1 |