CVE-2022-48565

Updated: 2023-11-07 20:29:22.551584

Description:

An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x CRITICAL 9.8

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9 Python python2 2.7.18 9.8 CRITICAL Released CLSA-2023:1696877457 2023-10-09 17:05:06