/
PSF-2010-5.json
41 lines (41 loc) · 1.17 KB
/
PSF-2010-5.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
{
"modified": "2010-06-17T09:00:00Z",
"published": "2010-05-27T19:00:00Z",
"schema_version": "1.5.0",
"id": "PSF-2010-5",
"aliases": [
"CVE-2010-2089"
],
"summary": "audioop input validation",
"details": "The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.",
"affected": [
{
"ranges": [
{
"type": "GIT",
"events": [
{
"introduced": "0"
},
{
"fixed": "8e42fb7ada3198e66d3f060c5c87c52465a86e36"
},
{
"fixed": "e9123efa21a16584758b5ce7da93d3966cf0cd81"
}
],
"repo": "https://github.com/python/cpython"
}
]
}
],
"database_specific": {
"cwe_ids": []
},
"references": [
{
"type": "REPORT",
"url": "https://bugs.python.org/issue7673"
}
]
}