There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2021-05-20T00:00:00
Updated: 2024-08-03T16:53:17.611Z
Reserved: 2021-03-09T00:00:00
Link: CVE-2021-3426
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-20T13:15:07.753
Modified: 2024-11-21T06:21:28.650
Link: CVE-2021-3426
Redhat