Python CVE-2018-14647 Remote Denial of Service Vulnerability
BID:105396
CVE-2018-14647 |Info
Python CVE-2018-14647 Remote Denial of Service Vulnerability
| Bugtraq ID: | 105396 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2018-14647 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 22 2018 12:00AM |
| Updated: | Sep 22 2018 12:00AM |
| Credit: | The Python Security Response Team. |
| Vulnerable: |
Python Software Foundation Python 3.8 Python Software Foundation Python 3.6.5 Python Software Foundation Python 3.6.4 Python Software Foundation Python 3.6.3 Python Software Foundation Python 3.6 Python Software Foundation Python 3.5.6 Python Software Foundation Python 3.5.5 Python Software Foundation Python 3.5.2 Python Software Foundation Python 3.5 Python Software Foundation Python 3.4.9 Python Software Foundation Python 3.4.8 Python Software Foundation Python 3.4.5 Python Software Foundation Python 3.4.3 Python Software Foundation Python 3.4.2 Python Software Foundation Python 3.4.1 Python Software Foundation Python 3.4 Python Software Foundation Python 2.7.15 Python Software Foundation Python 2.7.14 Python Software Foundation Python 2.7.12 Python Software Foundation Python 2.7.10 Python Software Foundation Python 2.7.9 Python Software Foundation Python 2.7.8 Python Software Foundation Python 2.7.7 Python Software Foundation Python 2.7.6 Python Software Foundation Python 2.7.3 Python Software Foundation Python 2.7.2 Python Software Foundation Python 2.7 Python Software Foundation Python 3.7.0 Python Software Foundation Python 3.6 Python Software Foundation Python 3.5 Python Software Foundation Python 3.4 Python Software Foundation Python 2.7.5 Python Software Foundation Python 2.7.4 Python Software Foundation Python 2.7.1150 Python Software Foundation Python 2.7.1 |
| Not Vulnerable: | |
Discussion
Python CVE-2018-14647 Remote Denial of Service Vulnerability
Python is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive CPU and memory consumption.
Python is prone to a remote denial-of-service vulnerability.
Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive CPU and memory consumption.
References
Python CVE-2018-14647 Remote Denial of Service Vulnerability
References:
References:
- _elementtree.c doesn't call XML_SetHashSalt() (Python)
- Bug 1631822 - (CVE-2018-14647) CVE-2018-14647 python: Missing salt initializatio (Red Hat Bugzilla)
- python home page (python)
- CVE-2018-14647 (Red Hat Bugzilla)