Описание
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | windows only |
| devel | not-affected | windows only |
| esm-apps/focal | not-affected | windows only |
| esm-apps/jammy | not-affected | windows only |
| esm-infra-legacy/trusty | not-affected | windows only |
| esm-infra/bionic | not-affected | windows only |
| esm-infra/xenial | not-affected | windows only |
| focal | not-affected | windows only |
| impish | not-affected | windows only |
| jammy | not-affected | windows only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | windows only |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | not-affected | windows only |
| jammy | not-affected | windows only |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | not-affected | windows only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | windows only |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | DNE | |
| jammy | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | not-affected | windows only |
| upstream | not-affected | windows only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | windows only |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | windows only |
| focal | DNE | |
| impish | DNE | |
| jammy | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | not-affected | windows only |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | windows only |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | windows only |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | DNE | |
| jammy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | windows only |
| devel | DNE | |
| esm-apps/bionic | not-affected | windows only |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| impish | DNE | |
| jammy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | windows only |
| devel | DNE | |
| esm-apps/bionic | not-affected | windows only |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | not-affected | windows only |
| focal | not-affected | windows only |
| impish | DNE | |
| jammy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/focal | not-affected | windows only |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | windows only |
| impish | not-affected | windows only |
| jammy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | not-affected | windows only |
Показывать по
Ссылки на источники
EPSS
4.4 Medium
CVSS2
7 High
CVSS3
Связанные уязвимости
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.
In Python before 3.10.3 on Windows, local users can gain privileges be ...
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.
Уязвимость интерпретатора языка программирования Python, связанная с использованием ненадёжного пути поиска, позволяющая нарушителю повысить свои привилегии
EPSS
4.4 Medium
CVSS2
7 High
CVSS3