Published: 19/01/2021 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Python 3.x up to and including 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

Vulnerable Product	Search on Vulmon	Subscribe to Product
python python
fedoraproject fedora 32
fedoraproject fedora 33
netapp ontap select deploy administration utility -
netapp active iq unified manager -
debian debian linux 9.0
oracle enterprise manager ops center 12.4.0.0
oracle communications offline mediation controller 12.0.0.3.0
oracle zfs storage appliance kit 8.8
oracle communications pricing design center 12.0.0.3.0
oracle communications cloud native core network function cloud native environment 22.2.0

Python could be made to execute arbitrary code or denial of service if it received a specially crafted input ...

概述 Moderate: python security update 类型/严重性 Security Advisory: Moderate 标题 An update for python is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating ...

Synopsis Moderate: Red Hat Advanced Cluster Management 2312 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 2312 GeneralAvailability release images, which provide security updates and bug fixesRed Hat Product Security has rated this update as having a secur ...

Synopsis Moderate: OpenShift Container Platform 311784 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 311784 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Pl ...

A flaw was found in python A stack-based buffer overflow was discovered in the ctypes module provided within Python Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack and crash the application The highest threat from this ...

Python 3x through 391 has a buffer overflow in PyCArg_repr in _ctypes/callprocc, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_doublefrom_param This occurs because sprintf is used unsafely ...

Critical Infrastructure Sectors: Critical Manufacturing

关于我公众号: leveryd 我关注: 安全产品、云/云原生、应用安全以下是公众号上的原创文章 WAF 开源WAF规则运营入门安全规则中的正则表达式基于openresty-lua的反爬插件反爬检测小结(1) WAF攻防(5) WAF攻防实践(4) 你的扫描器可以绕过防火墙么（三）你的扫描器可以绕过防火墙么？（二）

Repository for the edkrepo utility

EdkRepo - The Multi-Repository Tool for EDK II Introduction EdkRepo is the multi-repository tool for EDK II firmware development EdkRepo is built on top of git It is intended to automate common developer workflows for projects that use more than one git repository For example many of the new projects in the edk2-platforms repository require the user to clone several git repo

python_dos_demo A simple demo of the CVE-2021-3177 using python 391 nvdnistgov/vuln/detail/CVE-2021-3177 Docker image r0ach20/python_dos

CVE-2021-3177

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect