MGASA-2021-0193

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2021-0193.html

Import Source

https://advisories.mageia.org/MGASA-2021-0193.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2021-0193

Related

CVE-2021-3426

Published

2021-04-18T18:34:40Z

Modified

2021-04-18T17:36:55Z

Summary

Updated python3 packages fix security vulnerability

Details

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality (CVE-2021-3426).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / python3

Package

Name: python3
Purl: pkg:rpm/mageia/python3?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.8.9-1.mga8

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / python3

Package

Name: python3
Purl: pkg:rpm/mageia/python3?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.7.10-1.1.mga7

Ecosystem specific

{
    "section": "core"
}