[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem

STINNER Victor Wed, 10 Mar 2021 10:59:03 -0800


STINNER Victor <vstin...@python.org> added the comment:


I created https://python-security.readthedocs.io/vuln/pydoc-getfile.html to 
track this vulnerability. The is no CVE section yet since the CVE is currently 
only *RESERVED*.

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue42988>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem

Reply via email to