A vulnerability was found in StringIO 3.0.1/3.0.2. It has been rated as critical. This issue affects the function
ungetbyte/ungetc
. The manipulation leads to buffer overflow.
The identification of this vulnerability is CVE-2024-27280. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.