CVE
CVE-2021-3177
| CVE ID | CVE-2021-3177 |
|---|---|
| CVSS Score | 9.8 |
| Operating System | |
| Affected Versions | |
| Patched Versions | python3-3.6.8-21_ol009.el7_9 |
| Patch Date | |
| Last Updated Date | |
| Vector String | |
Additional Information
OL CVE Issue Summary:
Python has a buffer overflow in `PyCArg_repr` in `_ctypes/callproc.c`, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a `1e300` argument to `c_double.from_param`. This occurs because `sprintf` is used unsafely.
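The size mismatch behind the unsafe `sprintf`, as an added example (not code from CPython or from this advisory): it measures how many bytes a `%f` rendering of `1e300` needs and formats it with a bounded `snprintf` instead. The 256-byte buffer size, the format string and the function names `repr_needed` and `repr_bounded` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed for illustration: a fixed 256-byte buffer and a repr-style
 * format string; neither value is given on this page. */
#define REPR_BUF_SIZE 256
#define REPR_FMT "<cparam '%c' (%f)>"

/* Bytes (excluding the NUL) the format needs for a given double.
 * snprintf(NULL, 0, ...) measures the length without writing anything. */
int repr_needed(char tag, double value)
{
    return snprintf(NULL, 0, REPR_FMT, tag, value);
}

/* Bounded formatting: never writes more than `size` bytes and always
 * NUL-terminates. Returns 0 if the repr fit, 1 if truncated, -1 on error. */
int repr_bounded(char *out, size_t size, char tag, double value)
{
    int n;
    if (out == NULL || size == 0)
        return -1;
    n = snprintf(out, size, REPR_FMT, tag, value);
    if (n < 0) {
        out[0] = '\0';
        return -1;
    }
    return (size_t)n >= size ? 1 : 0;
}

int main(void)
{
    char buf[REPR_BUF_SIZE];
    double samples[] = { 1.5, 1e300 };  /* constructed sample inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int need = repr_needed('d', samples[i]);
        int rc = repr_bounded(buf, sizeof buf, 'd', samples[i]);
        printf("%g: needs %d bytes incl. NUL, buffer holds %d, %s\n",
               samples[i], need + 1, REPR_BUF_SIZE,
               rc == 0 ? "fits" : "truncated");
    }
    return 0;
}
```

`%f` prints every integer digit of the value, so a double near `1e300` expands to more than 300 characters regardless of how short its source literal is; an unbounded `sprintf` into a smaller fixed buffer writes past its end.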