First published: Tue Mar 07 2023(Updated: )
It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-37454)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/python3.8-minimal | <3.8.0-3ubuntu1~18.04.2+esm1 | 3.8.0-3ubuntu1~18.04.2+esm1 |
=18.04 | ||
All of | ||
ubuntu/python3.8 | <3.8.0-3ubuntu1~18.04.2+esm1 | 3.8.0-3ubuntu1~18.04.2+esm1 |
=18.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of USN-5931-1 is high.
Python vulnerability (CVE-2022-37454) affects Ubuntu 18.04.
A remote attacker can exploit this vulnerability by tricking a user or an automated system into running a specially crafted input, which could allow them to execute arbitrary code.
The recommended remedy for Python vulnerability (CVE-2022-37454) on Ubuntu 18.04 is to upgrade to version 3.8.0-3ubuntu1~18.04.2+esm1 of python3.8-minimal and python3.8 packages.
You can find more information about Python vulnerability (CVE-2022-37454) and USN-5931-1 on the Ubuntu Security Notices website: [link](https://ubuntu.com/security/notices/USN-5931-1)