In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-05-06T00:00:00
Updated: 2024-08-03T22:18:03.310Z
Reserved: 2021-04-01T00:00:00
Link: CVE-2021-29921
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-06T13:15:12.573
Modified: 2024-11-21T06:01:59.150
Link: CVE-2021-29921
Redhat