CVE-2013-1752
Public on 2013-11-03
Modified on 2017-08-31
Description
It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | python26 | 2013-11-03 | ALAS-2013-241 | Fixed |
| Amazon Linux 1 | python26 | 2015-12-14 | ALAS-2015-621 | Fixed |
| Amazon Linux 1 | python27 | 2015-06-22 | ALAS-2015-552 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:N/A:P |