Mageia 8: MGASA-2021-0193 High Risk: Python3 Pydoc Data Exposure
mageia
April 18, 2021
There's a flaw in Python 3's pydoc
Summary
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discoversor is able to convince another local or adjacent user to start a pydoc server
could access the server and use it to disclose sensitive information belonging
to the other user that they would not normally be able to access. The highest
risk of this flaw is to data confidentiality (CVE-2021-3426).
References
- https://bugs.mageia.org/show_bug.cgi?id=28729
- https://bugs.python.org/issue42988
- https://bugzilla.redhat.com/show_bug.cgi?id=1935913
- https://www.cve.org/CVERecord?id=CVE-2021-3426
Resolution
SRPMS
- 8/core/python3-3.8.9-1.mga8
- 7/core/python3-3.7.10-1.1.mga7
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 18 Apr 2021
URL: https://advisories.mageia.org/MGASA-2021-0193.html
Type: security
CVE: CVE-2021-3426
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!