In Lib/tarfile.py in Python through... CVE-2019-20907

- AV AC AU C I A
发布: 2020-07-13
修订: 2020-09-24

In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用