High severityNVD Advisory· Published Jan 15, 2020· Updated Aug 6, 2024
CVE-2015-8549
CVE-2015-8549
Description
XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format (AMF) payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pyamfPyPI | < 0.8.0 | 0.8.0 |
Affected products
2- PyAMF/PyAMFdescription
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-m7m4-4vm8-55wgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-8549ghsaADVISORY
- www.ocert.org/advisories/ocert-2015-011.htmlghsax_refsource_MISCWEB
- www.securityfocus.com/archive/1/archive/1/537151/100/0/threadedmitrex_refsource_MISC
- github.com/hydralabs/pyamf/pull/58ghsax_refsource_MISCWEB
- github.com/hydralabs/pyamf/releases/tag/v0.8.0ghsax_refsource_MISCWEB
- github.com/pypa/advisory-database/tree/main/vulns/pyamf/PYSEC-2020-339.yamlghsaWEB
- pypi.org/project/pyamfghsaWEB
News mentions
0No linked articles in our index yet.