CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
29.4%
IPython (Interactive Python) is a command shell for interactive computing
in multiple programming languages, originally developed for the Python
programming language. Affected versions are subject to an arbitrary code
execution vulnerability achieved by not properly managing cross user
temporary files. This vulnerability allows one user to run code as another
on the same machine. All users are advised to upgrade.
github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668
github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x
ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699
launchpad.net/bugs/cve/CVE-2022-21699
nvd.nist.gov/vuln/detail/CVE-2022-21699
security-tracker.debian.org/tracker/CVE-2022-21699
ubuntu.com/security/notices/USN-5953-1
www.cve.org/CVERecord?id=CVE-2022-21699
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
29.4%