AIX Open Source

 View Only
Expand all | Collapse all

Vulnerable to CVE-2024-4032 and CVE-2024-37891

  • 1.  Vulnerable to CVE-2024-4032 and CVE-2024-37891

    Posted Tue July 02, 2024 12:35 PM

    Hi Team, we have 2 new vulnerablities found

    CVE-2024-4032 (urllib3)
    CVE-2024-37891 (cPython)

    Wondering if there is something in the scope to resolve this? Please let me know

    Thanks in advance!



    ------------------------------
    Pablo Daniel Zuñiga TREJO
    ------------------------------


  • 2.  RE: Vulnerable to CVE-2024-4032 and CVE-2024-37891

    Posted Wed July 03, 2024 01:56 AM

    There is no new release of python which has the fix for CVE-2024-4032. 
    We will update urllib3 to 2.2.2 (CVE-2024-37891) in couple of weeks. 



    ------------------------------
    Ayappan P
    ------------------------------



  • 3.  RE: Vulnerable to CVE-2024-4032 and CVE-2024-37891

    Posted Wed July 03, 2024 10:41 AM

    Thank you for the quick response Ayappan!

    Sounds good, I will wait for new urllib3, thanks again.



    ------------------------------
    Pablo Daniel Zuñiga TREJO
    ------------------------------