Description

read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.

Remediation

References

CVE-2022-48564

Related Vulnerabilities

MySQL CVE-2016-5439 Vulnerability (CVE-2016-5439)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4400)

Apache Tomcat Other Vulnerability (CVE-2002-2007)

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Security Bypass (1.7.29)

WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)

Severity

Medium

Classification

CVE-2022-48564 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities