{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98987?format=json","vulnerability_id":"VCID-pzy5-zxy9-g7hx","summary":"The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.","aliases":[{"alias":"CVE-2010-2089"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/125528?format=json","purl":"pkg:deb/debian/python2.7@2.7-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7-1%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/125526?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/190450?format=json","purl":"pkg:ebuild/dev-lang/python@2.6.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@2.6.8"},{"url":"http://public2.vulnerablecode.io/api/packages/190451?format=json","purl":"pkg:ebuild/dev-lang/python@2.7.3-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@2.7.3-r1"},{"url":"http://public2.vulnerablecode.io/api/packages/190452?format=json","purl":"pkg:ebuild/dev-lang/python@3.2.5-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.2.5-r1"},{"url":"http://public2.vulnerablecode.io/api/packages/190453?format=json","purl":"pkg:ebuild/dev-lang/python@3.3.2-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.3.2-r1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/184105?format=json","purl":"pkg:rpm/redhat/python@2.3.4-14.10?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-425q-pchy-2yfg"},{"vulnerability":"VCID-hgg5-afas-gqem"},{"vulnerability":"VCID-nmcu-anmn-nybp"},{"vulnerability":"VCID-pzy5-zxy9-g7hx"},{"vulnerability":"VCID-qff9-jcqa-jubc"},{"vulnerability":"VCID-xqzx-p4gv-kfdw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.3.4-14.10%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/184741?format=json","purl":"pkg:rpm/redhat/python@2.4.3-43?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9qyx-2zhx-5qag"},{"vulnerability":"VCID-d5nm-cwte-qudf"},{"vulnerability":"VCID-hgg5-afas-gqem"},{"vulnerability":"VCID-kz5q-q45c-jub6"},{"vulnerability":"VCID-pzy5-zxy9-g7hx"},{"vulnerability":"VCID-ydue-93bt-e7h8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.4.3-43%3Farch=el5"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2089.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2089.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2089","reference_id":"","reference_type":"","scores":[{"value":"0.09965","scoring_system":"epss","scoring_elements":"0.93176","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2089"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=598197","reference_id":"598197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=598197"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/34145.txt","reference_id":"CVE-2010-2089;OSVDB-65151","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/34145.txt"},{"reference_url":"https://www.securityfocus.com/bid/40863/info","reference_id":"CVE-2010-2089;OSVDB-65151","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/40863/info"},{"reference_url":"https://security.gentoo.org/glsa/201401-04","reference_id":"GLSA-201401-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0027","reference_id":"RHSA-2011:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0491","reference_id":"RHSA-2011:0491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0491"}],"weaknesses":[],"exploits":[{"date_added":"2010-06-14","description":"Python 3.2 - 'audioop' Module Memory Corruption","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2010-06-14","exploit_type":"dos","platform":"unix","source_date_updated":"2014-07-23","data_source":"Exploit-DB","source_url":"https://www.securityfocus.com/bid/40863/info"}],"severity_range_score":null,"exploitability":"2.0","weighted_severity":"0.1","risk_score":0.2,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pzy5-zxy9-g7hx"}