Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Python和simplejson _json模块信息泄露漏洞
Vulnerability Description
Python是Python软件基金会的一套开源的、面向对象的程序设计语言。该语言具有可扩展、支持模块和包、支持多种平台等特点。simplejson是一个可扩展的JSON解码/编码器。_json module是其中的一个数据交换模块。 Python 2.7版本至3.5版本和simplejson 2.6.1之前的版本中的_json模块的‘scanstring’函数存在安全漏洞。本地攻击者可通过向‘raw_decode’函数发送带有负的指针值的‘idx’参数利用该漏洞读取任意的进程内存。
CVSS Information
N/A
Vulnerability Type
N/A