Extended Lifecycle Support CVE dashboard by TuxСare

CVEs Releases Projects

CVE-2021-3426

Updated: 2022-06-21 11:27:40.069241

Description:

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 2.7
CVSS Version 3.x MEDIUM 5.7

Status

OS name Project name Version Status Errata Last updated
CentOS 6 ELS python 2.6.6 Not vulnerable 2022-03-01 11:49:16.539173
CentOS 8.4 ELS python2 2.7.18 Not vulnerable 2022-05-27 05:39:25.500216
CentOS 8.4 ELS python3 3.6.8 Released CLSA-2022:1653920195 2022-05-30 11:38:34.851699
CentOS 8.5 ELS python2 2.7.18 Not vulnerable 2022-05-27 05:39:25.454816
CentOS 8.5 ELS python3 3.6.8 Not vulnerable 2022-05-26 04:47:02.739155
CloudLinux 6 ELS python 2.6.6 Not vulnerable 2022-03-01 11:49:16.569394
Oracle Linux 6 ELS python 2.6.6 Not vulnerable 2022-03-01 11:49:16.582911
Ubuntu 16.04 ELS python3 3.5.2-2ubuntu0~16.04.13 Released CLSA-2021:1638804072 2022-02-07 12:01:38.735152
Ubuntu 16.04 ELS python 2.7.12-1ubuntu0~16.04.13 Not vulnerable 2022-03-01 11:49:16.594051