It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | python26 | 2015-12-14 10:00 | ALAS-2015-621 |
Amazon Linux 1 | python26 | 2013-11-03 12:09 | ALAS-2013-241 |
Amazon Linux 1 | python27 | 2015-06-22 10:31 | ALAS-2015-552 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:N/A:P |