Updated: 2025-08-20 00:11:33.644366
Description:
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | MEDIUM | 6.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | python | 2.6.6 | 6.5 | MEDIUM | Ignored | 2023-10-09 05:07:34 | Ignored due to low severity | |
| CentOS 7 ELS | python | 2.7.5 | 6.5 | MEDIUM | Ignored | 2023-10-09 05:07:34 | Ignored due to low severity | |
| CentOS 7 ELS | python3 | 3.6.8 | 6.5 | MEDIUM | Released | CLSA-2024:1710437461 | 2024-03-25 09:57:29 | Ignored due to low severity |
| CentOS 8.4 ELS | python3 | 3.6.8 | 6.5 | MEDIUM | Released | CLSA-2024:1717693112 | 2024-06-06 14:32:51 | |
| CentOS 8.4 ELS | python2 | 2.7.18 | 6.5 | MEDIUM | Not Vulnerable | 2024-05-21 10:22:25 | ||
| CentOS 8.5 ELS | python2 | 2.7.18 | 6.5 | MEDIUM | Not Vulnerable | 2024-05-22 17:29:36 | ||
| CentOS 8.5 ELS | python3 | 3.6.8 | 6.5 | MEDIUM | Released | CLSA-2024:1717692229 | 2024-06-06 14:32:50 | |
| CloudLinux 6 ELS | python | 2.6.6 | 6.5 | MEDIUM | Ignored | 2023-10-09 05:07:34 | Ignored due to low severity | |
| CloudLinux 7 ELS | python3 | 3.6.8 | 6.5 | MEDIUM | Released | CLSA-2024:1727288754 | 2024-10-07 10:50:29 | |
| Oracle Linux 6 ELS | python | 2.6.6 | 6.5 | MEDIUM | Ignored | 2023-10-09 05:07:34 | Ignored due to low severity |