PT-2019-6075 · Python+8
Published
2019-03-20
·
Updated
2026-05-18
·
CVE-2021-29921
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Python versions prior to 3.9.5 (the ipaddress module has accepted leading zeros since it was added to the standard library).
The fix shipped in 3.9.5 and in the 3.10 series (from the 3.10 pre-releases onward) and was backported to the 3.8 maintenance branch in 3.8.12. Older branches (3.7 and earlier) were already security-only or end-of-life at the time, so treat them as unfixed unless a distribution backport says otherwise; the distributions listed under "Affected products" shipped their own patched packages.
Description
The ipaddress module accepted IPv4 octets with leading zeros and read them as decimal, so ipaddress.ip_address('010.8.8.8') returned 10.8.8.8. Almost every other parser a program ends up using, including the C library's inet_aton() behind socket.connect(), curl and web browsers, follows the historic BSD rule that a leading zero makes the octet octal, so the same string reaches 8.8.8.8. An application that validates an address with ipaddress (an allow-list of trusted hosts, or a deny-list of 10.0.0.0/8, 127.0.0.0/8 and other internal ranges) and then hands the original string to the network stack therefore checks one address and connects to another. A remote attacker who controls the address string can use this to bypass IP-based access control; in web applications this typically shows up as SSRF or RFI/LFI, and from there as loss of confidentiality or integrity on whatever the reached host exposes. One practical limit: the unpatched parser accepted at most three digits per octet, so only octal values 000 to 077 (0 to 63 decimal) can be smuggled, which reaches 10.0.0.0/8 via '012' but not 127.0.0.0/8, which would need the four-character '0177'. Fixed versions raise ValueError on any octet with a leading zero instead of guessing.
Recommendations
Upgrade to Python 3.9.5 or later, 3.8.12 or later, or any 3.10+ release. On a distribution-packaged interpreter, install the vendor's patched package rather than rebuilding Python by hand.
If you cannot upgrade yet, pre-validate user-supplied IPv4 strings before they reach ipaddress: require exactly four dot-separated parts of ASCII digits and reject any part longer than one character that starts with '0'. Alternatively, canonicalize the string through the same parser the network stack uses (socket.inet_aton() followed by socket.inet_ntoa()), run the access-control check on the canonical form, and connect to the canonical form, never to the original string.
Compare addresses after parsing, not by string matching, and apply the check to the address you will actually connect to (after DNS resolution where hostnames are accepted).
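The disagreement described above and the hardened check recommended here, as an added example that is not code from the original page or from the Python project. `parse_like_pre_fix()` is a re-implementation of the old octet rules written for illustration, not the stdlib source; the `DENIED` ranges and the sample literals are constructed; `libc_view()` relies on the C library implementing the BSD octal convention in inet_aton(), as glibc and the BSD libcs do.

```python
import ipaddress
import socket

# Constructed deny-list for an SSRF guard: internal ranges the server must never fetch from.
DENIED = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("169.254.0.0/16"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def parse_like_pre_fix(addr: str) -> ipaddress.IPv4Address:
    """Re-implementation (for illustration, not the stdlib source) of the octet
    rules ipaddress used before the fix: exactly four dot-separated parts, each
    1-3 ASCII digits, each read as DECIMAL. So '012' is 12 and '0177' is rejected."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"Expected 4 octets in {addr!r}")
    octets = []
    for part in parts:
        if not (part.isascii() and part.isdigit()) or len(part) > 3:
            raise ValueError(f"Bad octet {part!r} in {addr!r}")
        value = int(part, 10)
        if value > 255:
            raise ValueError(f"Octet {value} > 255 in {addr!r}")
        octets.append(value)
    return ipaddress.IPv4Address(bytes(octets))


def libc_view(addr: str) -> str:
    """What the C library, and hence socket.connect(), makes of the same string.
    inet_aton() follows the BSD rules: a leading 0 means octal, 0x means hex."""
    return socket.inet_ntoa(socket.inet_aton(addr))


def is_denied_vulnerable(addr: str) -> bool:
    """The guard as an application would have written it against the old
    ipaddress behaviour: it judges the decimal reading, not what gets dialled."""
    ip = parse_like_pre_fix(addr)
    return any(ip in net for net in DENIED)


def canonical_ipv4(addr: str) -> ipaddress.IPv4Address:
    """Hardened parse: refuse ambiguous spellings instead of guessing, and
    require the OS parser to agree before the address is used anywhere."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"Not a dotted-quad IPv4 literal: {addr!r}")
    if any(len(p) > 1 and p[0] == "0" for p in parts):
        raise ValueError(f"Leading zero in an octet of {addr!r} (octal/decimal ambiguity)")
    ip = ipaddress.IPv4Address(addr)
    if libc_view(addr) != str(ip):  # belt and braces: both parsers must agree
        raise ValueError(f"Parser disagreement for {addr!r}")
    return ip


def is_denied_hardened(addr: str) -> bool:
    """Deny-list check on the canonical address; raises ValueError on ambiguous input."""
    ip = canonical_ipv4(addr)
    return any(ip in net for net in DENIED)


def hardened_rejects(addr: str) -> bool:
    """True when the hardened guard refuses the literal outright."""
    try:
        canonical_ipv4(addr)
    except ValueError:
        return True
    return False


def current_interpreter_rejects(addr: str) -> bool:
    """True on a fixed interpreter, where the stdlib itself raises ValueError
    on leading zeros; False on an unfixed one."""
    try:
        ipaddress.IPv4Address(addr)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for literal in ("010.8.8.8", "012.0.0.1", "10.0.0.1", "8.8.8.8"):
        print(f"{literal:>10}: old ipaddress -> {parse_like_pre_fix(literal)!s:<10}"
              f" libc -> {libc_view(literal):<10}"
              f" denied(vulnerable)={is_denied_vulnerable(literal)!s:<5}"
              f" hardened rejects={hardened_rejects(literal)!s:<5}"
              f" this interpreter rejects={current_interpreter_rejects(literal)}")
```

Run it and compare the "old ipaddress" and "libc" columns for '012.0.0.1': the vulnerable guard sees 12.0.0.1 and lets it through, while the socket layer would dial 10.0.0.1. The hardened path refuses the literal before either parser gets a say, which is the behaviour you want whether or not the interpreter underneath is patched.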
Exploit
Fix
RCE
Weakness Enumeration
Related identifiers
Affected products
Alt Linux
Almalinux
Centos
Linuxmint
Python
Red Hat
Rocky Linux
Suse
Ubuntu