Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2021-3177
Description:Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
Test IDs: 1.3.6.1.4.1.25623.1.0.878873   1.3.6.1.4.1.25623.1.0.878845   1.3.6.1.4.1.25623.1.0.844856   1.3.6.1.4.1.25623.1.1.2.2021.1722   1.3.6.1.4.1.25623.1.1.2.2021.1886   1.3.6.1.4.1.25623.1.0.878869   1.3.6.1.4.1.25623.1.1.4.2021.0355.1   1.3.6.1.4.1.25623.1.1.4.2021.0428.1   1.3.6.1.4.1.25623.1.0.878956   1.3.6.1.4.1.25623.1.0.878933   1.3.6.1.4.1.25623.1.1.2.2021.1936   1.3.6.1.4.1.25623.1.0.878967   1.3.6.1.4.1.25623.1.0.853671   1.3.6.1.4.1.25623.1.1.2.2021.1747   1.3.6.1.4.1.25623.1.1.2.2021.1911   1.3.6.1.4.1.25623.1.0.844853   1.3.6.1.4.1.25623.1.0.878864   1.3.6.1.4.1.25623.1.0.878955   1.3.6.1.4.1.25623.1.1.2.2021.1957   1.3.6.1.4.1.25623.1.0.878987   1.3.6.1.4.1.25623.1.0.878850   1.3.6.1.4.1.25623.1.0.878895   1.3.6.1.4.1.25623.1.0.878922   1.3.6.1.4.1.25623.1.0.878893   1.3.6.1.4.1.25623.1.1.2.2021.1835   1.3.6.1.4.1.25623.1.1.4.2021.0432.1   1.3.6.1.4.1.25623.1.0.853637   1.3.6.1.4.1.25623.1.0.844854   1.3.6.1.4.1.25623.1.0.878919   1.3.6.1.4.1.25623.1.1.2.2021.2096   1.3.6.1.4.1.25623.1.1.2.2021.2007   1.3.6.1.4.1.25623.1.1.2.2021.2028   1.3.6.1.4.1.25623.1.1.4.2021.0529.1   1.3.6.1.4.1.25623.1.0.118180   1.3.6.1.4.1.25623.1.0.118178   1.3.6.1.4.1.25623.1.0.118179   1.3.6.1.4.1.25623.1.1.2.2021.2427  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-3177
https://security.netapp.com/advisory/ntap-20210226-0003/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/
https://security.gentoo.org/glsa/202101-18
https://bugs.python.org/issue42938
https://bugs.python.org/issue42938
https://github.com/python/cpython/pull/24239
https://github.com/python/cpython/pull/24239
https://news.ycombinator.com/item?id=26185005
https://news.ycombinator.com/item?id=26185005
https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E




© 1998-2024 E-Soft Inc. All rights reserved.