317 matches found

OSV
added 2024/06/17 3:15 p.m. | 20 views

CVE-2024-4032

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

CVSS 7.5 | AI score 6.6
Exploits 0 | References 14
UbuntuCve
added 2024/06/17 3:15 p.m. | 19 views

CVE-2024-4032

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

CVSS 7.5 | AI score 6.8 | EPSS 0.01127
Exploits 0 | References 11
OSV
added 2024/06/17 3:15 p.m. | 0 views

UBUNTU-CVE-2024-4032

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

CVSS 7.5 | AI score 6.7 | EPSS 0.01127
Exploits 0 | References 12
Vulnrichment
added 2024/06/17 3:5 p.m. | 13 views

CVE-2024-4032 Incorrect IPv4 and IPv6 private ranges

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

AI score 7.5 | EPSS 0.01127
Exploits 0 | References 13
CVE
added 2024/06/17 3:5 p.m. | 416 views

CVE-2024-4032

CVE-2024-4032 affects the Python ipaddress module, where is_private and is_global could be incorrect for IPv4/IPv6 addresses due to registry data prior to updates. Connected advisories confirm that CPython releases 3.12.4 and 3.13.0a6 include updated IANA Special-Purpose Address Registry data and...

CVSS 7.5 | AI score 6.6 | EPSS 0.01127
Exploits 0 | References 14
NVD
added 2024/03/18 5:15 a.m. | 5 views

CVE-2021-47156

The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which in some situations allows attackers to bypass access control that is based on IP addresses...

CVSS 6.5 | AI score 6.6 | EPSS 0.00125
Exploits 0 | References 3
CVE
added 2024/03/18 12:0 a.m. | 47 views

CVE-2021-47156

CVE-2021-47156 affects the Perl module Net::IPAddress::Util (before 5.000). The flaw arises from not properly handling extraneous zero characters in IP address strings, which can allow bypassing IP‑address based access control. Impact is access control bypass (no general exploitation details prov...

CVSS 6.5 | AI score 6.8 | EPSS 0.00125
Exploits 0 | References 3
CNNVD
added 2024/03/18 12:0 a.m. | 1 views

Net-IPAddress-Util Security Vulnerability

Net-IPAddress-Util is a software package. A security vulnerability exists in Net-IPAddress-Util versions prior to 5.000 that stems from not properly filtering IP address strings beginning with 0, which allows an attacker to bypass IP address-based access control...

CVSS 6.5 | AI score 6.7 | EPSS 0.00125
Exploits 0 | References 4
OpenVAS
added 2024/03/08 12:0 a.m. | 19 views

Fedora: Security Advisory for IPAddress (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8 | AI score 9.2 | EPSS 0.46427
Exploits 3 | References 2
OSV
added 2024/03/06 11:6 a.m. | 144 views

BIT-PYTHON-2021-29921

In Python before 3.9.5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

CVSS 9.8 | AI score 9.5 | EPSS 0.02048
Exploits 1 | References 18
RedHat Linux
added 2024/01/30 1:28 p.m. | 2 views

kernel: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress. Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...

CVSS 7.8 | AI score 6.3 | EPSS 0.0002
Exploits 0 | References 5
RedHat Linux
added 2024/01/30 12:31 p.m. | 1 views

kernel: UAF during login when accessing the shost ipaddress

A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information...

CVSS 5.5 | AI score 6.6 | EPSS 0.0001
Exploits 0 | References 5
RedHat Linux
added 2024/01/25 11:15 a.m. | 2 views

kernel: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress. Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...

CVSS 7.8 | AI score 6.3 | EPSS 0.0002
Exploits 0 | References 5
RedHat Linux
added 2024/01/25 11:15 a.m. | 1 views

kernel: UAF during login when accessing the shost ipaddress

A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information...

CVSS 5.5 | AI score 6.6 | EPSS 0.0001
Exploits 0 | References 5
RedHat Linux
added 2024/01/25 11:13 a.m. | 0 views

kernel: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress

A vulnerability was found in the Linux kernel's iscsi tcp drivers. Improper resource allocation management can lead to a use-after-free scenario, triggered when the userspace attempts to access the session host's ipaddress attribute while the kernel is performing a session teardown via...

CVSS 7.8 | AI score 6.6 | EPSS 0.00011
Exploits 0 | References 5
RedHat Linux
added 2024/01/25 9:45 a.m. | 1 views

kernel: UAF during login when accessing the shost ipaddress

A use-after-free flaw was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in the SCSI sub-component in the Linux Kernel. This issue could allow an attacker to leak kernel internal information...

CVSS 5.5 | AI score 6.6 | EPSS 0.0001
Exploits 0 | References 5
Veracode
added 2024/01/02 5:48 a.m. | 12 views

Denial Of Service (DoS)

com.github.seancfoley:ipaddress is vulnerable to Denial of Service (DoS). The vulnerability is due to missing checks for a radix value of 2 or greater when the radix value is passed as an argument to the IPAddressBitsDivision constructor. The IPAddressBitsDivision constructor internally calls the...

CVSS 5.5 | AI score 6.8 | EPSS 0.00063
Exploits 1 | References 1 | Affected Software 1
OSV
added 2023/12/29 3:30 p.m. | 1 views

GHSA-QPHF-W3CQ-JPMX IPAddress Infinite Loop vulnerability (Disputed)

An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop...

CVSS 5.5 | AI score 5.8 | EPSS 0.00063
Exploits 1 | References 5
Github Security Blog
added 2023/12/29 3:30 p.m. | 28 views

IPAddress Infinite Loop vulnerability (Disputed)

An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop...

CVSS 5.5 | AI score 5.5 | EPSS 0.00063
Exploits 1 | References 5 | Affected Software 1
OSV
added 2023/12/29 3:15 p.m. | 3 views

CVE-2023-50570

An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs...

CVSS 5.5 | AI score 5.3
Exploits 0 | References 1