PT-2023-9235 · Python+12 · Cpython+12

Seth Larson

·

Published

2023-12-15

·

Updated

2026-05-05

·

CVE-2024-4032

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions CPython versions prior to 3.12.4 CPython versions prior to 3.13.0a6
Description The issue is related to the "ipaddress" module, which contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the is private and is global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.
Recommendations For versions prior to 3.12.4, update to CPython 3.12.4 or later to resolve the issue. For versions prior to 3.13.0a6, update to CPython 3.13.0a6 or later to resolve the issue.

Fix

DoS

RCE

Weakness Enumeration

CWE-20CWE-697

Related Identifiers

ALSA-2024:4766
ALSA-2024:4779
ALSA-2024:5962
ALSA-2024:6961
ALSA-2024:6962
ALSA-2024:6975
ALSA-2024:9190
ALT-PU-2024-12993
ALT-PU-2024-14497
AZL-42772
AZL-42811
BDU:2024-05196
BIT-LIBPYTHON-2024-4032
BIT-PYTHON-2024-4032
BIT-PYTHON-MIN-2024-4032
CESA-2024_5962
CESA-2024_6961
CESA-2024_6962
CESA-2024_6975
CVE-2024-4032
DLA-3980-1
DSA-5759-1
INFSA-2024_4766
INFSA-2024_4779
INFSA-2024_5962
INFSA-2024_6961
INFSA-2024_6962
INFSA-2024_6975
INFSA-2024_9190
MGASA-2024-0317
OESA-2024-1940
OPENSUSE-SU-2024:14078-1
OPENSUSE-SU-2024:14079-1
OPENSUSE-SU-2024:14082-1
OPENSUSE-SU-2024:14083-1
OPENSUSE-SU-2024:14295-1
OPENSUSE-SU-2024:14326-1
OPENSUSE-SU-2024:14434-1
OPENSUSE-SU-2024_2254-1
OPENSUSE-SU-2024_2280-1
OPENSUSE-SU-2024_2572-1
OPENSUSE-SU-2024_2982-1
OPENSUSE-SU-2025:15713-1
PSF-2024-5
RHSA-2024:4766
RHSA-2024:4779
RHSA-2024:5962
RHSA-2024:6030
RHSA-2024:6961
RHSA-2024:6962
RHSA-2024:6975
RHSA-2024:7417
RHSA-2024:9190
RHSA-2024_4766
RHSA-2024_4779
RHSA-2024_5962
RHSA-2024_6961
RHSA-2024_6962
RHSA-2024_6975
RHSA-2024_9190
RLSA-2024:6961
RLSA-2024:6962
RLSA-2024:6975
RLSA-2024:9190
SUSE-SU-2024:2249-1
SUSE-SU-2024:2254-1
SUSE-SU-2024:2274-1
SUSE-SU-2024:2280-1
SUSE-SU-2024:2414-1
SUSE-SU-2024:2479-1
SUSE-SU-2024:2572-1
SUSE-SU-2024:2959-1
SUSE-SU-2024:2982-1
SUSE-SU-2024:4020-1
SUSE-SU-2024:4021-1
SUSE-SU-2024:4029-1
SUSE-SU-2024_2414-1
SUSE-SU-2024_2959-1
SUSE-SU-2025:02089-1
SUSE-SU-2025:20025-1
SUSE-SU-2025:20154-1
SUSE-SU-2025:20374-1
SUSE-SU-2025_02089-1
USN-6928-1
USN-6941-1
USN-7348-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Cpython
Centos
Debian
Ibm Aix
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu