CVE-2022-21699

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-21699
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-21699.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-21699
Aliases
Downstream
Related
Published
2022-01-19T21:15:11Z
Modified
2025-10-20T20:00:24.612408Z
Severity
  • 8.2 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H CVSS Calculator
Summary
Execution with Unnecessary Privileges in ipython
Details

IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade.

Database specific 
{
    "cwe_ids": [
        "CWE-250",
        "CWE-279"
    ]
}
References

Affected packages

Git / github.com/ipython/ipython

Affected ranges

Type
GIT
Repo
https://github.com/ipython/ipython
Events
Introduced
51ce9d73b29b9782d7f8a2f5d3d2af64a7ff37a0
Fixed
d43c7c79c1c8518f1917c3cd69e5384738ef0b37
Type
GIT
Repo
https://github.com/ipython/ipython
Events
Introduced
05c1664fbd31c526dcd543b0ce72f13a1fd6957a
Fixed
e321e760a4aefbe872e1703b24a19a28f87619c9
Type
GIT
Repo
https://github.com/ipython/ipython
Events
Introduced
b8d7dfa8d78108f3f01486d9fa67b6841acb8f74
Fixed
325262d1dfdaf65a95a2a94a8b70a7b8a8e119ce

Affected versions

6.*

6.0.0
6.1.0
6.2.0
6.3.0

7.*

7.0.0
7.0.0-doc
7.0.0b1
7.0.0rc1
7.0.1
7.1.0
7.1.1
7.10.0
7.10.1
7.11.0
7.11.1
7.12.0
7.13.0
7.14.0
7.15.0
7.16.0
7.16.1
7.16.2
7.17.0
7.18.0
7.18.1
7.19.0
7.2.0
7.20.0
7.21.0
7.22.0
7.23.0
7.23.1
7.24.0
7.24.1
7.25.0
7.26.0
7.27.0
7.28.0
7.29.0
7.3.0
7.30.0
7.30.1
7.31.0
7.4.0
7.5.0
7.6.0
7.6.1
7.7.0
7.8.0
7.9.0

8.*

8.0.0