PYSEC-2020-339
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/pyamf/PYSEC-2020-339.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2020-339
- Aliases
-
- CVE-2015-8549
- GHSA-m7m4-4vm8-55wg
- Published
- 2020-01-15T15:15:00Z
- Modified
- 2023-11-08T03:58:02.455853Z
- Summary
- [none]
- Details
-
XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format (AMF) payload.
- References
-
- http://www.securityfocus.com/archive/1/archive/1/537151/100/0/threaded
- https://github.com/hydralabs/pyamf/releases/tag/v0.8.0
- https://github.com/hydralabs/pyamf/pull/58
- http://www.ocert.org/advisories/ocert-2015-011.html
- https://pypi.org/project/pyamf
- https://nvd.nist.gov/vuln/detail/CVE-2015-8549
- https://github.com/advisories/GHSA-m7m4-4vm8-55wg
Affected packages
PyPI / pyamf
Package
- Name
- pyamf
- View open source insights on deps.dev
- Purl
- pkg:pypi/pyamf