Python Key Management Interoperability Protocol · Pykmip · CVE-2018-1000872
Name of the Vulnerable Software and Affected Versions:
PyKMIP version prior to 0.8.0
Description:
The issue is related to resource management errors, where the PyKMIP server can be made unavailable due to one or more clients opening all available sockets and never closing them. This can result in a denial-of-service (DOS) condition.
Recommendations:
For versions prior to 0.8.0, update to version 0.8.0 to resolve the issue. As a temporary workaround, consider restricting access to the PyKMIP server to minimize the risk of exploitation.