Description

A use-after-free exists in Python through 3.9 via heappushpop in heapq.

Remediation

References

CVE-2022-48560

Related Vulnerabilities

Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21654)

WordPress Plugin Spotlight Social Feeds [Block, Shortcode, and Widget] Cross-Site Scripting (1.4.2)

Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)

Microsoft SQL Server CVE-2023-32026 Vulnerability (CVE-2023-32026)

WordPress Plugin Seo Spy Arbitrary File Upload (2.6)

Severity

High

Classification

CVE-2022-48560 CWE-416 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities