Search for vulnerabilities
Vulnerability details: VCID-cgzx-bygy-zyh7
Vulnerability ID VCID-cgzx-bygy-zyh7
Aliases CVE-2024-7592
Summary There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-1333 Inefficient Regular Expression Complexity
CWE-400 Uncontrolled Resource Consumption
System Score Found at
cvssv3 4.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7592.json
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00175 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00194 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00203 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00229 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00255 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00277 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00283 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00283 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00283 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00325 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00325 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00325 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
epss 0.00512 https://api.first.org/data/v1/epss?cve=CVE-2024-7592
cvssv3.1 2.6 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621
ssvc Track https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621
cvssv3.1 7.5 https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef
ssvc Track https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef
cvssv3.1 7.5 https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06
ssvc Track https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06
cvssv3.1 7.5 https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
ssvc Track https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
cvssv3.1 7.5 https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f
ssvc Track https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f
cvssv3.1 7.5 https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774
ssvc Track https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774
cvssv3.1 7.5 https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1
ssvc Track https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1
cvssv3.1 7.5 https://github.com/python/cpython/issues/123067
cvssv3.1 7.5 https://github.com/python/cpython/issues/123067
ssvc Track https://github.com/python/cpython/issues/123067
ssvc Track https://github.com/python/cpython/issues/123067
cvssv3.1 7.5 https://github.com/python/cpython/pull/123075
cvssv3.1 7.5 https://github.com/python/cpython/pull/123075
ssvc Track https://github.com/python/cpython/pull/123075
ssvc Track https://github.com/python/cpython/pull/123075
cvssv3.1 7.5 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
cvssv3.1 7.5 https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
ssvc Track https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
ssvc Track https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2024-7592
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2024-7592
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7592.json
https://api.first.org/data/v1/epss?cve=CVE-2024-7592
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7592
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621
https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06
https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f
https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774
https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1
https://github.com/python/cpython/issues/123067
https://github.com/python/cpython/pull/123075
https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
https://security.netapp.com/advisory/ntap-20241018-0006/
2305879 https://bugzilla.redhat.com/show_bug.cgi?id=2305879
44e458357fca05ca0ae2658d62c8c595b048b5ef https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef
cpe:2.3:a:python:python:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:alpha0:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:alpha0:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:alpha2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:alpha3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:alpha3:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:alpha4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:alpha5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:alpha6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:beta1:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:beta2:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:beta3:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:beta4:*:*:*:*:*:*
cpe:2.3:a:python:python:3.13.0:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.13.0:rc1:*:*:*:*:*:*
CVE-2024-7592 https://nvd.nist.gov/vuln/detail/CVE-2024-7592
RHSA-2025:3631 https://access.redhat.com/errata/RHSA-2025:3631
RHSA-2025:3634 https://access.redhat.com/errata/RHSA-2025:3634
USN-7015-1 https://usn.ubuntu.com/7015-1/
USN-7015-2 https://usn.ubuntu.com/7015-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7592.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/issues/123067
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/issues/123067
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/issues/123067
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/issues/123067
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/pull/123075
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/python/cpython/pull/123075
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/pull/123075
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://github.com/python/cpython/pull/123075
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
Vector: SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/ Found at https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-7592
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-7592
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.44760
EPSS Score 0.00108
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-09-17T19:12:22.064154+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-7592 34.0.1