JSONDecoder.raw_decode
Warning: This resource is maintained for historical reference and does not contain the latest vulnerability info for Python.
The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format. This vulnerability can be viewed online at the Open Source Vulnerability Database.
Fix arbitrary memory access in JSONDecoder.raw_decode() with a negative second parameter.
Note: issue #21529 was created on 2014-05-19, after the commit.
Dates:
Disclosure date: 2014-04-13 (commit)
Reported by: Guido Vranken
Red Hat impact: Moderate
Fixed In
Python 2.7.7 (2014-05-31) fixed by commit 6c939cb (branch 2.7) (2014-04-14)
Python 3.2.6 (2014-10-12) fixed by commit 99b5afa (branch 3.2) (2014-04-14)
Python 3.3.6 (2014-10-12) fixed by commit 99b5afa (branch 3.2) (2014-04-14)
Python 3.4.1 (2014-05-18) fixed by commit 99b5afa (branch 3.2) (2014-04-14)
Python 3.5.0 (2015-09-12) fixed by commit 99b5afa (branch 3.2) (2014-04-14)
Python issue
JSON module: reading arbitrary process memory.
Python issue: bpo-21529
Creation date: 2014-05-19
Reporter: Benjamin Peterson
CVE-2014-4616
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
CVE ID: CVE-2014-4616
Published: 2017-08-24
CVSS Score: 4.3
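As an added example (not part of this advisory and not CPython's own code), the following wrapper validates the idx offset before it reaches the C scanner, so that an untrusted offset can never be negative or past the end of the input, and uses it to walk a constructed stream of concatenated JSON values, which is what raw_decode's second parameter exists for. Function names and the sample input are assumptions.

```python
import json

# Constructed sample input: two JSON documents concatenated, the kind of
# stream for which raw_decode()'s idx parameter is intended.
SAMPLE = '{"user": "alice", "role": "admin"} [1, 2, 3]'

_DECODER = json.JSONDecoder()


def validate_idx(s, idx):
    """Return idx if it is a sane offset into s, else raise.

    This is the bounds check that CVE-2014-4616 was about: on unpatched
    interpreters a negative idx was applied to the string buffer unchecked,
    so the offset must be rejected here, before raw_decode() is called.
    """
    if isinstance(idx, bool) or not isinstance(idx, int):
        raise TypeError("idx must be an int, got %s" % type(idx).__name__)
    if idx < 0 or idx > len(s):
        raise ValueError("idx %d out of bounds for input of length %d"
                         % (idx, len(s)))
    return idx


def offset_is_valid(s, idx):
    """Boolean form of validate_idx(), convenient for callers and tests."""
    try:
        validate_idx(s, idx)
    except (TypeError, ValueError):
        return False
    return True


def checked_raw_decode(s, idx=0):
    """Decode one JSON value starting at a validated offset idx of s.

    Returns (value, end) exactly like JSONDecoder.raw_decode(); idx == len(s)
    is allowed and yields the decoder's normal 'Expecting value' error.
    """
    return _DECODER.raw_decode(s, validate_idx(s, idx))


def decode_stream(s):
    """Decode every whitespace-separated JSON value in s, in order."""
    values, idx, n = [], 0, len(s)
    while True:
        while idx < n and s[idx].isspace():   # skip separators between values
            idx += 1
        if idx >= n:
            return values
        obj, idx = checked_raw_decode(s, idx)  # idx now points past the value
        values.append(obj)
```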
Timeline
Timeline using the disclosure date 2014-04-13 as reference:
2014-04-13: Disclosure date (commit)
2014-04-14 (+1 day): commit 6c939cb (branch 2.7)
2014-04-14 (+1 day): commit 99b5afa (branch 3.2)
2014-05-18 (+35 days): Python 3.4.1 released
2014-05-19 (+36 days): Python issue bpo-21529 reported by Benjamin Peterson
2014-05-31 (+48 days): Python 2.7.7 released
2014-10-12 (+182 days): Python 3.2.6 released
2014-10-12 (+182 days): Python 3.3.6 released
2015-09-12: Python 3.5.0 released
2017-08-24 (+1229 days): CVE-2014-4616 published