You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Path to dependency file: clusterfuzz/src/python/bot/untrusted_runner/build
Path to vulnerable library: clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/tasks,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
CVE-2019-18874 - High Severity Vulnerability
Vulnerable Library - psutil-2.1.1.tar.gz
Cross-platform lib for process and system monitoring in Python.
Library home page: https://files.pythonhosted.org/packages/64/4b/70601d39b8e445265ed148affc49f7bfbd246940637785be5c80e007fa6e/psutil-2.1.1.tar.gz
Path to dependency file: clusterfuzz/src/python/bot/untrusted_runner/build
Path to vulnerable library: clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/tasks,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt
Dependency Hierarchy:
Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597
Vulnerability Details
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
Publish Date: 2019-11-12
URL: CVE-2019-18874
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18874
Release Date: 2019-11-12
Fix Resolution: 5.6.6
The text was updated successfully, but these errors were encountered: