USN-7101-1: Pydantic vulnerability
12 November 2024
Pydantic could be made to crash if it received specially crafted input.
Releases
Packages
- pydantic - Data validation using Python type hints.
Details
It was discovered that Pydantic incorrectly handled certain regular
expressions. A remote attacker could possibly use this issue to cause a
denial of service via a crafted email string.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04
-
python3-pydantic
-
1.8.2-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04
-
python3-pydantic
-
1.2-1ubuntu0.1~esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.