VDB
GCVE-110-MAGEIA-2018-495
GCVE-110-MAGEIA-2018-495
Advisory Published
Possible denial of service vulnerability due to a missing check in
Lib/wave.py to verify that at least one channel is provided
(CVE-2017-18207).
Python's elementtree C accelerator failed to initialise Expat's hash
salt during initialization. This could make it easy to conduct denial of
service attacks against Expat by contructing an XML document that would
cause pathological hash collisions in Expat's internal data structures,
consuming large amounts CPU and RAM (CVE-2018-14647).
It was discovered that the shutil module of python does not properly
sanitize input when creating a zip file on Windows. An attacker could
use this flaw to cause a denial of service or add unintended files to
the generated archive (CVE-2018-1000802).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python | 0 (affected), 2.7.15-1.1.mga6 (unaffected) | — |
References
Browse GCVE Records
72,664 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.