CVE-2022-48560
CVE Details
Last Update
9/15/24
NIST CVE Summary
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
Our Official Summary
This CVE affects python versions upto 3.9. The use-after-free vulnerability in Python's heapq module allows an attacker to manipulate memory after it has been freed, potentially leading to arbitrary code execution or a denial of service. This vulnerability can be exploited by carefully crafting a malicious input that triggers the use-after-free condition. There is no known workaround for this vulnerability. Python version needs to be upgraded in the images reported.
CVE Severity
Status
Ongoing
Affected Products & Versions
- Palette VerteX 4.4.18
Revision History
- 1.0 9/13/2024 Initial Publication
- 2.0 9/13/2024 Added Palette VerteX 4.4.18 to Affected Products