CVE-2022-48560

A use-after-free exists in Python through 3.9 via heappushpop in heapq.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.9.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:python:python:3.9.0:alpha2:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

08 Dec 2023, 03:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/ -

11 Oct 2023, 23:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html -

29 Sep 2023, 22:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20230929-0008/ -

28 Sep 2023, 16:05

Type Values Removed Values Added
First Time Debian debian Linux
Debian
CPE cpe:2.3:a:python:python:3.9.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:python:python:3.9.0:alpha2:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html - (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html - Mailing List, Third Party Advisory

20 Sep 2023, 22:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html -

26 Aug 2023, 02:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-416
CPE cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
References (MISC) https://bugs.python.org/issue39421 - (MISC) https://bugs.python.org/issue39421 - Exploit, Issue Tracking, Patch, Vendor Advisory
First Time Python
Python python

22 Aug 2023, 20:10

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-22 19:16

Updated : 2024-02-28 20:33


NVD link : CVE-2022-48560

Mitre link : CVE-2022-48560

CVE.ORG link : CVE-2022-48560


JSON object : View

Products Affected

debian

  • debian_linux

python

  • python
CWE
CWE-416

Use After Free