CVE-2013-7338
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2013-7338
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Python‘ZipExtFile._read2()’方法拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Python是Python软件基金会的一套开源的、面向对象的程序设计语言。该语言具有可扩展、支持模块和包、支持多种平台等特点。 Python 3.3.4 RC1及之前的版本的Lib/zipfile.py文件的‘ZipExtFile._read2’函数中存在安全漏洞。远程攻击者可借助特制的ZIP_STORED或ZIP_DEFLATED文件利用该漏洞造成拒绝服务(无限循环和CPU消耗)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2013-7338
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2013-7338
Please Login to view more intelligence information
- https://support.apple.com/kb/HT205031x_refsource_CONFIRM
- http://bugs.python.org/issue20078x_refsource_CONFIRM
- https://docs.python.org/3.3/whatsnew/changelog.htmlx_refsource_CONFIRM
- http://hg.python.org/cpython/rev/79ea4ce431b1x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2013-7338
Same Patch Batch · n/a · 2014-04-22 · 14 CVEs total
| CVE-2013-1421 | Craig Knudsen WebCalendar 跨站脚本漏洞 | |
| CVE-2013-2105 | Ruby 后置链接漏洞 | |
| CVE-2013-2187 | Apache Archiva 跨站脚本漏洞 | |
| CVE-2013-4116 | Node Packaged Modules 符号链接攻击本地提权漏洞 | |
| CVE-2013-4472 | Xpdf和Poppler 不安全临时文件创建漏洞 | |
| CVE-2014-1615 | Carbon Black 跨站请求伪造漏洞 | |
| CVE-2014-2654 | MobFox mAdserve SQL注入漏洞 | |
| CVE-2014-2659 | Apposite Papercut 跨站请求伪造漏洞 | |
| CVE-2014-2737 | KnowledgeTree SQL注入漏洞 | |
| CVE-2014-2890 | phpMyID‘openid_error’参数跨站脚本漏洞 | |
| CVE-2014-2892 | libmms MMSH Server Response 基于堆的缓冲区溢出漏洞 | |
| CVE-2014-2899 | WolfSSL CyaSSL 拒绝服务漏洞 | |
| CVE-2014-2900 | WolfSSL CyaSSL 欺骗漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2013-7338
No comments yet