AIX Open Source


Python Multiple Vulnerabilities; ThreatCon 4


    Posted 14 days ago

    Multiple vulnerabilities have been found in Python, and it must be updated within 4 weeks as per CVE-2024-4032, CVE-2024-28757, CVE-2024-4030. For AIX, we do not have the latest version of Python. When can we expect an update?

    Description 

    Multiple vulnerabilities have been reported in Python, which can be exploited by malicious, local users to local users and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

    1. An error when creating a directory using "tempfile.mkdtemp()" can be exploited to gain otherwise restricted read and write access to the temporary directory.

    Note: Vulnerability #1 affects the Windows platform only.

    2. An error in the ipaddress module when designating IPv4 and IPv6 addresses as globally reachable or private can be exploited to bypass certain security restrictions.


    The vulnerabilities are reported in versions prior to 3.12.4.



    Affected Software

    The following software is affected by the described vulnerability. Please check the vendor links below to see if exactly your version is affected.

    • Python 3.x

    Solution 

    Update to version 3.12.4. 

    Thank you



    ------------------------------
    Prachi Chauhan
    ------------------------------
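
For systems that cannot yet move to a fixed interpreter, the ipaddress issue in item 2 can be contained by not relying on `is_private` alone. The following is an added example, not part of the original post or of Python itself: `predates_fix` and `is_internal` are hypothetical names, and the network ranges are an assumption taken from the change notes for `is_private` in the CPython documentation.

```python
import ipaddress
import sys

# Ranges whose private/global classification changed with the ipaddress fix
# (assumption: taken from the CPython documentation, not from the post).
EXTRA_PRIVATE = [ipaddress.ip_network(n) for n in (
    "192.0.0.0/24", "64:ff9b:1::/48", "2002::/16", "2001::/23")]
# Globally reachable exceptions carved out of the ranges above.
NOT_PRIVATE = [ipaddress.ip_network(n) for n in (
    "192.0.0.9/32", "192.0.0.10/32", "2001:1::1/128", "2001:1::2/128",
    "2001:3::/32", "2001:4:112::/48", "2001:20::/28", "2001:30::/28")]


def predates_fix(version=sys.version_info):
    """True if the interpreter is older than 3.12.4, the fixed release named in the post."""
    return tuple(version[:3]) < (3, 12, 4)


def is_internal(text):
    """Classify an address identically on patched and unpatched interpreters."""
    addr = ipaddress.ip_address(text)

    def within(nets):
        return any(addr.version == n.version and addr in n for n in nets)

    if within(NOT_PRIVATE):          # explicit exceptions win over everything else
        return False
    # Explicit ranges first, then fall back to the standard library's answer.
    return within(EXTRA_PRIVATE) or addr.is_private


if __name__ == "__main__":
    print("interpreter predates 3.12.4:", predates_fix())
    # Constructed sample addresses, one per changed range plus two controls.
    for sample in ("192.0.0.100", "192.0.0.9", "64:ff9b:1::1",
                   "2002::1", "10.1.2.3", "8.8.8.8"):
        stdlib = ipaddress.ip_address(sample).is_private
        print(f"{sample:15} stdlib is_private={stdlib!s:5} guarded={is_internal(sample)}")
```

On an interpreter that predates the fix, the `stdlib` and `guarded` columns differ for the changed ranges; on a fixed one they agree.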