Lucene search
K

321 matches found

BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.5 views

The vulnerability of the ipaddress library in the Python programming language lies in insufficient input validation. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the ipaddress library in the Python programming language is related to the incorrect processing of initial zero characters in octal IP address strings. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause...

9.8CVSS7AI score0.06827EPSS
Exploits1References9Affected Software3
FreeBSD
FreeBSD
added 2021/08/30 12:0 a.m.39 views

Python -- multiple vulnerabilities

Python reports: bpo-42278: Replaced usage of tempfile.mktemp with TemporaryDirectory to avoid a potential race condition. bpo-44394: Update the vendored copy of libexpat to 2.4.1 from 2.2.8 to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and...

6.8CVSS2AI score0.19433EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2021/08/24 12:50 p.m.4 views

python-ipaddress: Improper input validation of octal strings

A flaw was found in python-ipaddress. Improper input validation of octal strings in stdlib ipaddress allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. The highest threat from this vulnerability is to...

9.8CVSS6.9AI score0.06827EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.235 views

EulerOS 2.0 SP8 : python-ipaddress (EulerOS-SA-2021-2313)

According to the version of the python-ipaddress packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allo...

5.9CVSS7.1AI score0.12826EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/08/09 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for python-ipaddress (EulerOS-SA-2021-2313)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.1AI score0.12826EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/23 12:0 a.m.26 views

Python < 3.9.5 Authentication Bypass Vulnerability - Mac OS X

Python is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.06827EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/23 12:0 a.m.27 views

Python < 3.9.5 Authentication Bypass Vulnerability - Windows

Python is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.06827EPSS
Exploits1References2
OSV
OSV
added 2021/06/01 11:56 a.m.7 views

USN-4973-1 python3.8 vulnerability

It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions...

9.8CVSS6.9AI score0.06827EPSS
Exploits1References2
Gitee
Gitee
added 2021/05/20 8:33 p.m.2 views

jexboss

Exploit module/targeting JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. The provided code is a Python script that appears to be a tool for testing and exploiting vulnerabilities in JBoss Application Server and other Java-based platforms. The script is written i...

7AI score
Exploits0
NVD
NVD
added 2021/05/06 1:15 p.m.20 views

CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS0.06827EPSS
Exploits1References17
OSV
OSV
added 2021/05/06 1:15 p.m.1 views

ALPINE-CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS6.9AI score0.06827EPSS
Exploits1References1
OSV
OSV
added 2021/05/06 1:15 p.m.1 views

DEBIAN-CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS7.3AI score0.06827EPSS
Exploits1References1
OSV
OSV
added 2021/05/06 1:15 p.m.35 views

CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS6.9AI score
Exploits0References17
Prion
Prion
added 2021/05/06 1:15 p.m.84 views

Improper access control

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

7.5CVSS8.3AI score0.06827EPSS
Exploits1References16Affected Software6
UbuntuCve
UbuntuCve
added 2021/05/06 1:15 p.m.47 views

CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS6.9AI score0.06827EPSS
Exploits1References12
OSV
OSV
added 2021/05/06 1:15 p.m.2 views

UBUNTU-CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS7.1AI score0.06827EPSS
Exploits1References13
Cvelist
Cvelist
added 2021/05/06 12:0 a.m.32 views

CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.6AI score0.06827EPSS
Exploits1References16
CVE
CVE
added 2021/05/06 12:0 a.m.5141 views

CVE-2021-29921

CVE-2021-29921 affects the ipaddress module in Python, where leading zeros in IPv4 octets are mishandled, potentially bypassing IP-based access controls. The issue is addressed by Python 3.9.5 and later; many advisories (Debian, AlmaLinux, Alpine, etc.) reference updates or security trackers conf...

9.8CVSS9.3AI score0.06827EPSS
Exploits1References17Affected Software1
Debian CVE
Debian CVE
added 2021/05/06 12:0 a.m.265 views

CVE-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS8AI score0.06827EPSS
Exploits1
OSV
OSV
added 2021/05/06 12:0 a.m.48 views

PSF-2021-2 ipaddress leading zeros in IPv4 address

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS9.5AI score0.06827EPSS
Exploits1References1
Rows per page
Query Builder