CVE-2022-48565

Updated: 2024-11-23 05:35:28.210487

Description:

An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x CRITICAL 9.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS python 2.6.6 9.8 CRITICAL Released CLSA-2023:1696878189 2023-10-23 05:06:56
CentOS 7 ELS python 2.7.5 9.8 CRITICAL Released CLSA-2023:1696877835 2023-10-09 17:07:40
CentOS 7 ELS python3 3.6.8 9.8 CRITICAL Released CLSA-2023:1695834624 2023-09-27 14:08:01
CentOS 8.4 ELS python2 2.7.18 9.8 CRITICAL Released CLSA-2023:1696879417 2023-10-09 17:07:37
CentOS 8.4 ELS python3 3.6.8 9.8 CRITICAL Released CLSA-2023:1693986539 2023-09-06 05:06:45
CentOS 8.5 ELS python2 2.7.18 9.8 CRITICAL Released CLSA-2023:1696880318 2023-10-09 17:07:35
CentOS 8.5 ELS python3 3.6.8 9.8 CRITICAL Released CLSA-2023:1693986821 2023-09-06 05:06:44
CloudLinux 6 ELS python 2.6.6 9.8 CRITICAL Released CLSA-2023:1696878610 2023-10-23 05:06:57
CloudLinux 7 ELS python3 3.6.8 9.8 CRITICAL Released CLSA-2024:1727288754 2024-10-07 10:50:29
CloudLinux 7 ELS python 2.7.5 9.8 CRITICAL Released CLSA-2024:1727289167 2024-10-07 10:49:55
Total: 15