PT-2023-24400 · Python · Cpython

Chgnrdv

·

Publicado

2023-06-07

·

Atualizado

2025-08-11

·

CVE-2023-33595

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions CPython version 3.12.0 alpha 7
Description A heap use-after-free issue was discovered via the function ascii decode at /Objects/unicodeobject.c.
Recommendations For CPython version 3.12.0 alpha 7, consider disabling the ascii decode function as a temporary workaround until a patch is available.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BIT-LIBPYTHON-2023-33595
BIT-PYTHON-2023-33595
BIT-PYTHON-MIN-2023-33595
CVE-2023-33595
PSF-2023-3

Produtos afetados

Cpython