Search for vulnerabilities
Vulnerability details: VCID-dg6w-9abx-aaap
Vulnerability ID VCID-dg6w-9abx-aaap
Aliases CVE-2024-4032
Summary The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.
Status Published
Exploitability 0.5
Weighted Severity 3.3
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-440 Expected Behavior Violation
System Score Found at
cvssv3 3.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00317 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00404 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00413 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00448 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00526 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
epss 0.00832 https://api.first.org/data/v1/epss?cve=CVE-2024-4032
cvssv3.1 3.7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json
https://api.first.org/data/v1/epss?cve=CVE-2024-4032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4032
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/python/cpython/commit/22adf29da8d99933ffed8647d3e0726edd16f7f8
https://github.com/python/cpython/commit/40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f
https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3
https://github.com/python/cpython/commit/ba431579efdcbaed7a96f2ac4ea0775879a332fb
https://github.com/python/cpython/commit/c62c9e518b784fe44432a3f4fc265fb95b651906
https://github.com/python/cpython/commit/f86b17ac511e68192ba71f27e752321a3252cee3
https://github.com/python/cpython/issues/113171
https://github.com/python/cpython/pull/113179
https://mail.python.org/archives/list/security-announce@python.org/thread/NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA/
https://security.netapp.com/advisory/ntap-20240726-0004/
https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml
http://www.openwall.com/lists/oss-security/2024/06/17/3
2292921 https://bugzilla.redhat.com/show_bug.cgi?id=2292921
CVE-2024-4032 https://nvd.nist.gov/vuln/detail/CVE-2024-4032
RHSA-2024:4766 https://access.redhat.com/errata/RHSA-2024:4766
RHSA-2024:4779 https://access.redhat.com/errata/RHSA-2024:4779
RHSA-2024:5962 https://access.redhat.com/errata/RHSA-2024:5962
RHSA-2024:6030 https://access.redhat.com/errata/RHSA-2024:6030
RHSA-2024:6961 https://access.redhat.com/errata/RHSA-2024:6961
RHSA-2024:6962 https://access.redhat.com/errata/RHSA-2024:6962
RHSA-2024:6975 https://access.redhat.com/errata/RHSA-2024:6975
RHSA-2024:7417 https://access.redhat.com/errata/RHSA-2024:7417
RHSA-2024:9190 https://access.redhat.com/errata/RHSA-2024:9190
USN-6928-1 https://usn.ubuntu.com/6928-1/
USN-6941-1 https://usn.ubuntu.com/6941-1/
USN-7348-1 https://usn.ubuntu.com/7348-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.18115
EPSS Score 0.00046
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-06-17T20:19:43.314434+00:00 SUSE Severity Score Importer Import https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml 34.0.0rc4