netapp active-iq-unified-manager CVE-2019-20907 vulnerability in NetApp and Other Products
Published on July 13, 2020

product logo product logo product logo product logo product logo product logo product logo
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD


Products Associated with CVE-2019-20907

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-20907 are published in these products:

NetApp Active Iq Unified Manager
 
Python
 
Canonical Ubuntu Linux
 
Debian Linux
 
Fedora Project Fedora
 
OpenSuse Leap
 
NetApp Cloud Volumes Ontap Mediator
 
Oracle Zfs Storage Appliance Kit
 

Exploit Probability

EPSS
0.33%
Percentile
55.66%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.