CVE-2022-48560
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48560
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48560.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48560
Aliases
BIT-python-2022-48560
GHSA-pvw5-cvp6-cv92
PSF-2023-11
Related
ALSA-2024:0114
ALSA-2024:2987
CGA-grx3-mgr7-fqm5
CGA-jcfc-86xf-53qf
DLA-3575-1
DLA-3614-1
USN-6394-1
USN-6394-2
USN-6891-1
Published
2023-08-22T19:16:31Z
Modified
2024-05-29T21:34:53Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
References
https://bugs.python.org/issue39421
https://security.netapp.com/advisory/ntap-20230929-0008/
https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZ5OOBWNYWXFTZDMCGHJVGDLDTHLWITJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VO7Y2YZSDK3UYJD2KBGLXRTGNG6T326J/
Affected packages
Git / github.com/python/cpython
Affected ranges
Type
GIT
Repo
https://github.com/python/cpython
Events
Introduced
1bf9cc509326bc42cd8cb1650eb9bf64550d817e
Fixed
d7c567b08f9d7d6aef21b881340a2b72731129db