Vulnerabilities > CVE-2020-25489 - Out-of-bounds Write vulnerability in Sqreen Python Mini Racer
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://blog.sqreen.com/vulnerability-disclosure-finding-a-vulnerability-in-sqreens-php-agent-and-how-we-fixed-it/
- https://blog.sqreen.com/vulnerability-disclosure-finding-a-vulnerability-in-sqreens-php-agent-and-how-we-fixed-it/
- https://github.com/sqreen/PyMiniRacer/compare/v0.2.0...v0.3.0
- https://github.com/sqreen/PyMiniRacer/compare/v0.2.0...v0.3.0