N/A
CVE-2013-7338
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.
EPSS
7.8%
percentile 92.0%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:-:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:alpha1:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:alpha2:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:alpha3:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:alpha4:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:beta1:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:beta2:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:rc1:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:rc2:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.0:rc3:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.1:-:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:* |
| python | python | Windows | — | cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:* |