In Python prior to 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows malicious users to bypass access control that is based on IP addresses.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
python python |
||
oracle zfs storage appliance kit 8.8 |
||
oracle graalvm 20.3.2 |
||
oracle graalvm 21.1.0 |
||
oracle communications cloud native core automated test suite 1.8.0 |
||
oracle communications cloud native core network slice selection function 1.8.0 |
||
oracle communications cloud native core binding support function 1.11.0 |