Описание
In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The ._pth file (e.g., the python._pth file) is not affected.
Ссылки
- Issue TrackingPatchVendor Advisory
- PatchVendor Advisory
- Third Party Advisory
- Issue TrackingPatchVendor Advisory
- PatchVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Одновременно
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected.
In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected.
In Python 3.8.4, sys.path restrictions specified in a python38._pth fi ...
In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected.
Уязвимость файла python38._pth интерпретатора языка программирования Python, связанная с игнорированием ограничений sys.path, указанных в файле python38._pth, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2