CVE-2024-0450 | CPython up to 3.8.18/3.9.18/3.10.13/3.11.8/3.12.2 on zipfile ZIP Bomb amplification

Inserito da Angelo Barbosa | Mar 19, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in CPython up to 3.8.18/3.9.18/3.10.13/3.11.8/3.12.2 on zipfile. This issue affects some unknown processing. The manipulation leads to asymmetric resource consumption.

The identification of this vulnerability is CVE-2024-0450. An attack has to be approached locally. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-0450 | CPython up to 3.8.18/3.9.18/3.10.13/3.11.8/3.12.2 on zipfile ZIP Bomb amplification

Post correlati

CVE-2023-7148 | ShifuML shifu 0.12.0 Java Expression Language DataPurifier.java FilterExpression code injection

CVE-2024-22239 | VMware Aria Operations for Networks prior 6.12 Console Local Privilege Escalation (VMSA-2024-0002)

CVE-2024-20363 | Cisco Open Source Snort HTTP Intrusion Prevention System Rule authentication spoofing (cisco-sa-snort3-ips-bypass-uE69KBMd)

CVE-2024-3085 | PHPGurukul Emergency Ambulance Hiring Portal 1.0 Admin Login Page /admin/login.php username sql injection