
CVE-2022-48560

CVE Details

CVE-2022-48560

Last Update

10/10/24

NIST CVE Summary

A use-after-free exists in Python through 3.9 via heappushpop in heapq.

Our Official Summary

This CVE affects Python versions up to 3.9. The use-after-free vulnerability in Python's heapq module allows an attacker to manipulate memory after it has been freed, potentially leading to arbitrary code execution or a denial of service. It can be exploited by carefully crafting malicious input that triggers the use-after-free condition. There is no known workaround for this vulnerability. The Python version in the reported images needs to be upgraded.

CVE Severity

7.5

Status

Ongoing

Affected Products & Versions

  • Palette VerteX airgap 4.4.18

Revision History

  • 1.0 9/13/2024 Initial Publication
  • 2.0 9/13/2024 Added Palette VerteX airgap 4.4.18 to Affected Products
  • 3.0 10/10/2024 CVE remediated in Palette VerteX airgap 4.5.3