ALT-PU-2022-4038-1
Package ipython3 updated to version 8.0.1-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2022-01-21
BDU:2022-05761
Уязвимость команды shell командной оболочки для интерактивных вычислений IPython, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (8.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References:
Published: 2022-01-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-21699
IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade.
Severity: HIGH (8.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References:
- https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668
- https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668
- https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x
- https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x
- https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699
- https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699
- [debian-lts-announce] 20220124 [SECURITY] [DLA 2896-1] ipython security update
- [debian-lts-announce] 20220124 [SECURITY] [DLA 2896-1] ipython security update
- FEDORA-2022-b58d156ab0
- FEDORA-2022-b58d156ab0
- FEDORA-2022-b9e38f8a56
- FEDORA-2022-b9e38f8a56