Vulnerability details: VCID-mjvp-khak-aaad
Vulnerability ID VCID-mjvp-khak-aaad
Aliases CVE-2024-6923
Summary There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines in email headers when serializing an email message, allowing header injection when an email is serialized.
Status Published
Exploitability 0.5
Weighted Severity 6.1
Risk 3.0
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 6.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6923.json
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00051 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.0007 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00076 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00082 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00097 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
epss 0.00182 https://api.first.org/data/v1/epss?cve=CVE-2024-6923
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.5 https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147
ssvc Track* https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147
cvssv3.1 5.5 https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384
ssvc Track* https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384
cvssv3.1 5.5 https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7
ssvc Track* https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7
cvssv3.1 5.5 https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0
ssvc Track* https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0
cvssv3.1 5.5 https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1
ssvc Track* https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1
cvssv3.1 5.5 https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6
ssvc Track* https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6
cvssv3.1 5.5 https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533
ssvc Track* https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533
cvssv3.1 5.5 https://github.com/python/cpython/issues/121650
ssvc Track* https://github.com/python/cpython/issues/121650
cvssv3.1 5.5 https://github.com/python/cpython/pull/122233
ssvc Track* https://github.com/python/cpython/pull/122233
cvssv3.1 5.5 https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/
ssvc Track* https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6923.json
https://api.first.org/data/v1/epss?cve=CVE-2024-6923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6923
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147
https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7
https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0
https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1
https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6
https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533
https://github.com/python/cpython/issues/121650
https://github.com/python/cpython/pull/122233
https://lists.debian.org/debian-lts-announce/2025/01/msg00005.html
https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/
https://security.netapp.com/advisory/ntap-20240926-0003/
http://www.openwall.com/lists/oss-security/2024/08/01/3
http://www.openwall.com/lists/oss-security/2024/08/02/2
097633981879b3c9de9a1dd120d3aa585ecc2384 https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384
2302255 https://bugzilla.redhat.com/show_bug.cgi?id=2302255
CVE-2024-6923 https://nvd.nist.gov/vuln/detail/CVE-2024-6923
RHSA-2024:10135 https://access.redhat.com/errata/RHSA-2024:10135
RHSA-2024:11109 https://access.redhat.com/errata/RHSA-2024:11109
RHSA-2024:5962 https://access.redhat.com/errata/RHSA-2024:5962
RHSA-2024:6146 https://access.redhat.com/errata/RHSA-2024:6146
RHSA-2024:6163 https://access.redhat.com/errata/RHSA-2024:6163
RHSA-2024:6179 https://access.redhat.com/errata/RHSA-2024:6179
RHSA-2024:6909 https://access.redhat.com/errata/RHSA-2024:6909
RHSA-2024:6915 https://access.redhat.com/errata/RHSA-2024:6915
RHSA-2024:6961 https://access.redhat.com/errata/RHSA-2024:6961
RHSA-2024:6962 https://access.redhat.com/errata/RHSA-2024:6962
RHSA-2024:6975 https://access.redhat.com/errata/RHSA-2024:6975
RHSA-2024:7137 https://access.redhat.com/errata/RHSA-2024:7137
RHSA-2024:7213 https://access.redhat.com/errata/RHSA-2024:7213
RHSA-2024:7374 https://access.redhat.com/errata/RHSA-2024:7374
RHSA-2024:7415 https://access.redhat.com/errata/RHSA-2024:7415
RHSA-2024:8103 https://access.redhat.com/errata/RHSA-2024:8103
USN-7015-1 https://usn.ubuntu.com/7015-1/
USN-7015-5 https://usn.ubuntu.com/7015-5/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6923.json
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/issues/121650
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/issues/121650
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://github.com/python/cpython/pull/122233
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://github.com/python/cpython/pull/122233

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Found at https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/ Found at https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/
Exploit Prediction Scoring System (EPSS)
Percentile 0.14083
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-08-02T12:11:32.000608+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-6923 34.0.0rc4