{"id":"MGASA-2020-0266","summary":"Updated scapy packages fix security vulnerability","details":"Updated scapy packages fix security vulnerabilities:\n\nA vulnerability was found in scapy 2.4.0 and earlier is affected by:\nDenial of Services. The impact is: busy loop forever. The component\nis:\n_RADIUSAttrPacketListField class. The attack vector is: a packet sent\nover the network or in a pcap (CVE-2019-1010262).\n\nscapy 2.4.0 is affected by: Denial of Service. The impact is: infinite\nloop, resource consumption and program unresponsive. The component is:\n_RADIUSAttrPacketListField.getfield(self..). The attack vector is: over\nthe network or in a pcap. both work (CVE-2019-1010142).\n","modified":"2026-04-16T04:43:07.345687703Z","published":"2020-06-16T07:45:15Z","upstream":["CVE-2019-1010142","CVE-2019-1010262"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0266.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25954"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GICTAGUAV4OGIAPKKWXSEVIXU7DZEJ2V/"}],"affected":[{"package":{"name":"scapy","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/scapy?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.0-3.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0266.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}