CVE-2022-48565

Updated: 2023-11-07 20:29:22.551584

Description:

An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x CRITICAL 9.8

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS python 2.6.6 9.8 CRITICAL Released CLSA-2023:1696878189 2023-10-23 05:06:56
CentOS 7 ELS python 2.7.5 9.8 CRITICAL Released CLSA-2023:1696877835 2023-10-09 17:07:40
CentOS 7 ELS python3 3.6.8 9.8 CRITICAL Released CLSA-2023:1695834624 2023-09-27 14:08:01
CentOS 8.4 ELS python3 3.6.8 9.8 CRITICAL Released CLSA-2023:1693986539 2023-09-06 05:06:45
CentOS 8.4 ELS python2 2.7.18 9.8 CRITICAL Released CLSA-2023:1696879417 2023-10-09 17:07:37
CentOS 8.5 ELS python2 2.7.18 9.8 CRITICAL Released CLSA-2023:1696880318 2023-10-09 17:07:35
CentOS 8.5 ELS python3 3.6.8 9.8 CRITICAL Released CLSA-2023:1693986821 2023-09-06 05:06:44
CloudLinux 6 ELS python 2.6.6 9.8 CRITICAL Released CLSA-2023:1696878610 2023-10-23 05:06:57
Oracle Linux 6 ELS python 2.6.6 9.8 CRITICAL Released CLSA-2023:1696878020 2023-10-09 17:07:38
Ubuntu 16.04 ELS python2.7 2.7.12 9.8 CRITICAL Released CLSA-2023:1694538236 2023-09-12 14:06:28
Total: 13