Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3426

Опубликовано: 20 мая 2021
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 2.7
CVSS3: 5.7

Описание

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

DNE

esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
groovy

not-affected

code not present
hirsute

not-affected

code not present

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

not-affected

3.10.0~a7-3
impish

not-affected

3.10.0~rc2-1build1
jammy

not-affected

3.10.0~rc2-1build1
kinetic

not-affected

3.10.0~rc2-1build1

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

3.4.3-1ubuntu1~14.04.7+esm12
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

3.5.2-2ubuntu0~16.04.4~14.04.1+esm1
esm-infra/focal

DNE

esm-infra/xenial

released

3.5.2-2ubuntu0~16.04.13+esm2
focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.6.9-1~18.04ubuntu1.7
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

3.6.9-1~18.04ubuntu1.7
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

DNE

esm-apps/bionic

released

3.7.5-2ubuntu1~18.04.2+esm1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

released

3.8.0-3ubuntu1~18.04.2+esm2
esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

code not present
focal

not-affected

code not present
groovy

ignored

end of life
hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/focal

released

3.9.5-3~20.04.1
esm-infra-legacy/trusty

DNE

focal

released

3.9.5-3~20.04.1
groovy

released

3.9.5-3~20.10.1
hirsute

released

3.9.5-3~21.04
impish

released

3.9.5-2ubuntu1
jammy

DNE

kinetic

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 29%
0.00104
Низкий

2.7 Low

CVSS2

5.7 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3426

CVSS3: 5.7
redhat
больше 4 лет назад

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.

nvd логотип

CVE-2021-3426

CVSS3: 5.7
nvd
около 4 лет назад

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.

debian логотип

CVE-2021-3426

CVSS3: 5.7
debian
около 4 лет назад

There's a flaw in Python 3's pydoc. A local or adjacent attacker who d ...

suse-cvrf логотип

SUSE-SU-2021:1557-1

suse-cvrf
около 4 лет назад

Security update for python3

suse-cvrf логотип

SUSE-SU-2021:1490-1

suse-cvrf
около 4 лет назад

Security update for python36

EPSS

Процентиль: 29%
0.00104
Низкий

2.7 Low

CVSS2

5.7 Medium

CVSS3

Уязвимость CVE-2021-3426