There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
07 Nov 2023, 03:38
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
30 Jun 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Oct 2022, 20:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 |
01 Mar 2022, 15:29
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oracle
Netapp Netapp ontap Select Deploy Administration Utility Oracle zfs Storage Appliance Kit Oracle communications Cloud Native Core Binding Support Function Netapp snapcenter Netapp cloud Backup |
|
CPE | cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210629-0003/ - Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpujan2022.html - Patch, Third Party Advisory |
07 Feb 2022, 16:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Oct 2021, 11:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 May 2021, 20:36
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 2.7
v3 : 5.7 |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:python:python:*:*:*:*:*:*:*:* cpe:2.3:a:python:python:3.10.0:alpha6:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* cpe:2.3:a:python:python:3.10.0:alpha4:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:a:python:python:3.10.0:alpha1:*:*:*:*:*:* cpe:2.3:a:python:python:3.10.0:alpha2:*:*:*:*:*:* cpe:2.3:a:python:python:3.10.0:alpha3:*:*:*:*:*:* cpe:2.3:a:python:python:3.10.0:alpha5:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html - Mailing List, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202104-04 - Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1935913 - Issue Tracking, Patch, Third Party Advisory |
20 May 2021, 14:29
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-200 |
20 May 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-05-20 13:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-3426
Mitre link : CVE-2021-3426
CVE.ORG link : CVE-2021-3426
JSON object : View
Products Affected
redhat
- software_collections
- enterprise_linux
oracle
- zfs_storage_appliance_kit
- communications_cloud_native_core_binding_support_function
netapp
- snapcenter
- ontap_select_deploy_administration_utility
- cloud_backup
python
- python
debian
- debian_linux
fedoraproject
- fedora