PSF-2012-3

See a problem?
Import Source
https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2012-3.json
JSON Data
https://api.osv.dev/v1/vulns/PSF-2012-3
Aliases
Published
2012-10-05T21:00:00Z
Modified
2023-11-08T03:57:03.051816Z
Summary
XML-RPC DoS
Details

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.

References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type
GIT
Repo
https://github.com/python/cpython
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

2.*

2.5

v0.*

v0.9.8
v0.9.9

v1.*

v1.0.1
v1.0.2
v1.1
v1.1.1
v1.2
v1.2b1
v1.2b2
v1.2b3
v1.2b4
v1.3
v1.3b1
v1.4
v1.4b1
v1.4b2
v1.4b3
v1.5
v1.5.1
v1.5.2
v1.5.2a1
v1.5.2a2
v1.5.2b1
v1.5.2b2
v1.5.2c1
v1.5a1
v1.5a2
v1.5a3
v1.5a4
v1.5b1
v1.5b2
v1.6a1
v1.6a2

v2.*

v2.0
v2.0b1
v2.0b2
v2.0c1
v2.1
v2.1a1
v2.1a2
v2.1b1
v2.1b2
v2.1c1
v2.1c2
v2.2a3
v2.3c1
v2.3c2
v2.4
v2.4a1
v2.4a2
v2.4a3
v2.4b1
v2.4b2
v2.4c1
v2.5
v2.5.1
v2.5.1c1
v2.5.2
v2.5.2c1
v2.5.3
v2.5.3c1
v2.5.4
v2.5.5
v2.5.5c1
v2.5.5c2
v2.5.6
v2.5.6c1
v2.5a0
v2.5a1
v2.5a2
v2.5b1
v2.5b2
v2.5b3
v2.5c1
v2.5c2
v2.6
v2.6.1
v2.6.2
v2.6.2c1
v2.6.3
v2.6.3rc1
v2.6.4
v2.6.4rc1
v2.6.4rc2
v2.6.5
v2.6.5rc1
v2.6.5rc2
v2.6.6
v2.6.6rc1
v2.6.6rc2
v2.6.7
v2.6a1
v2.6a2
v2.6a3
v2.6b1
v2.6b2
v2.6b3
v2.6rc1
v2.6rc2