In Python versions 3.12.0 and above a high severity vulnerability CVE-2024-12254 was detected. This vulnerability allows attackers to exploit a flaw in the asyncio._SelectorSocketTransport.writelines() method, leading to uncontrolled memory consumption in network-based Python applications. To address this issue, users should upgrade Python to version 3.14.0a2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-12254.
Python: Memory Exhaustion Vulnerability
by the Hossted team
10.12.2024