CVE-2013-1753 | Vulnerability Database | Aqua Security

The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.

Affected Software

Name	Vendor	Start Version	End Version
Python	Python	2.7.0 (including)	2.7.9 (excluding)
Python	Python	3.2.0 (including)	3.2.6 (excluding)
Python	Python	3.3.0 (including)	3.3.6 (excluding)
Python	Python	3.4.0 (including)	3.4.3 (excluding)
Red Hat Enterprise Linux 7	RedHat	python-0:2.7.5-34.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	python27-0:1.1-17.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	python27-python-0:2.7.8-3.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	python27-python-pip-0:1.5.6-5.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	python27-python-setuptools-0:0.9.8-3.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	python27-python-simplejson-0:3.2.0-2.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	python27-python-wheel-0:0.24.0-2.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS	RedHat	python27-0:1.1-17.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS	RedHat	python27-python-0:2.7.8-3.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS	RedHat	python27-python-pip-0:1.5.6-5.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS	RedHat	python27-python-setuptools-0:0.9.8-3.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS	RedHat	python27-python-simplejson-0:3.2.0-2.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS	RedHat	python27-python-wheel-0:0.24.0-2.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS	RedHat	python27-0:1.1-17.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS	RedHat	python27-python-0:2.7.8-3.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS	RedHat	python27-python-pip-0:1.5.6-5.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS	RedHat	python27-python-setuptools-0:0.9.8-3.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS	RedHat	python27-python-simplejson-0:3.2.0-2.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS	RedHat	python27-python-wheel-0:0.24.0-2.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-0:1.1-20.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-0:2.7.8-3.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-pip-0:1.5.6-5.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-setuptools-0:0.9.8-5.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-simplejson-0:3.2.0-3.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-wheel-0:0.24.0-2.el7	*
Python2.7	Ubuntu	precise	*
Python2.7	Ubuntu	trusty	*
Python2.7	Ubuntu	upstream	*
Python2.7	Ubuntu	utopic	*
Python3.2	Ubuntu	precise	*
Python3.4	Ubuntu	trusty	*
Python3.4	Ubuntu	upstream	*
Python3.4	Ubuntu	utopic	*

References

https://bugs.python.org/issue16043

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-1753
CWE	https://cwe.mitre.org/data/definitions/.html