PT-2025-6639 · Python · Cpython

Seth Larson · Published 2025-02-14 · Updated 2025-02-19 · CVE-2024-3220

CVSS v4.0: 2.3 (Low)
Vector: AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: CPython versions up to 3.13.x

Description: The issue arises from the CPython standard library module "mimetypes" using default file locations from Linux and macOS platforms on Windows, where these locations are user-writable. This allows other users to create invalid files, potentially causing a MemoryError when the Python runtime starts or leading to incorrect file type interpretations.

Recommendations: To work around this issue, call mimetypes.init() with an empty list ([]) on Windows platforms to avoid using the default list of known file locations.

Fix

Weakness Enumeration

Untrusted Search Path

Related Identifiers

BIT-PYTHON-2024-3220
BIT-PYTHON-MIN-2024-3220
CVE-2024-3220
ECHO-6E9C-8674-8943
PSF-2025-2

Affected Products

Cpython