vulnerability
Oracle Solaris 11: CVE-2019-20907: Vulnerability in Python
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | 2020-07-13 | 2021-01-19 | 2022-02-17 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
2020-07-13
Added
2021-01-19
Modified
2022-02-17
Description
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
Solution(s)
oracle-solaris-11-4-upgrade-legacy-library-python-tkinter-35-3-5-9-11-4-25-0-1-75-2oracle-solaris-11-4-upgrade-legacy-runtime-python-35-3-5-9-11-4-25-0-1-75-2oracle-solaris-11-4-upgrade-library-python-2-tkinter-27-2-7-3-11-4-0-0-1-9-0oracle-solaris-11-4-upgrade-library-python-tkinter-27-2-7-18-11-4-25-0-1-75-2oracle-solaris-11-4-upgrade-library-python-tkinter-37-3-7-5-11-4-25-0-1-75-2oracle-solaris-11-4-upgrade-runtime-python-27-2-7-18-11-4-25-0-1-75-2oracle-solaris-11-4-upgrade-runtime-python-27-tests-2-7-18-11-4-25-0-1-75-2oracle-solaris-11-4-upgrade-runtime-python-37-3-7-5-11-4-25-0-1-75-2
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.