A security issue was found in Python. Running "pydoc -p" allows any user to read arbitrary files on the filesystem by accessing "/getfile?key=path" over HTTP.
A security issue was found in Python. Running "pydoc -p" allows any user to read arbitrary files on the filesystem by accessing "/getfile?key=path" over HTTP.
https://python-security.readthedocs.io/vuln/pydoc-getfile.html https://bugs.python.org/issue42988 https://github.com/python/cpython/pull/24285 https://github.com/python/cpython/pull/24337