In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-05-06T00:00:00

Updated: 2024-08-03T22:18:03.310Z

Reserved: 2021-04-01T00:00:00

Link: CVE-2021-29921

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-06T13:15:12.573

Modified: 2024-11-21T06:01:59.150

Link: CVE-2021-29921

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-04-30T00:00:00Z

Links: CVE-2021-29921 - Bugzilla