Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-4189HistoryAug 24, 2022 - 4:15 p.m.
CVE-2021-4189
2022-08-2416:15:00
Debian Security Bug Tracker
security-tracker.debian.org
21
0.002 Low
EPSS
Percentile
55.4%
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pypy3 | < 7.3.8+dfsg-1 | pypy3_7.3.8+dfsg-1_all.deb |
| Debian | 11 | all | pypy3 | <= 7.3.5+dfsg-2+deb11u2 | pypy3_7.3.5+dfsg-2+deb11u2_all.deb |
| Debian | 10 | all | pypy3 | <= 7.0.0+dfsg-3 | pypy3_7.0.0+dfsg-3_all.deb |
| Debian | 999 | all | pypy3 | < 7.3.8+dfsg-1 | pypy3_7.3.8+dfsg-1_all.deb |
| Debian | 13 | all | pypy3 | < 7.3.8+dfsg-1 | pypy3_7.3.8+dfsg-1_all.deb |
| Debian | 11 | all | python2.7 | <= 2.7.18-8+deb11u1 | python2.7_2.7.18-8+deb11u1_all.deb |
| Debian | 10 | all | python2.7 | < 2.7.16-2+deb10u2 | python2.7_2.7.16-2+deb10u2_all.deb |
| Debian | 10 | all | python3.7 | < 3.7.3-2+deb10u5 | python3.7_3.7.3-2+deb10u5_all.deb |
| Debian | 11 | all | python3.9 | <= 3.9.2-1 | python3.9_3.9.2-1_all.deb |
Related
cvelist
cvelist
CVE-2021-4189
2022-08-24 00:00:00
openvas
openvas
prion
prion
Default credentials
2022-08-24 16:15:00
osv
osv
CVE-2021-4189
2022-08-24 16:15:09
BIT-python-2021-4189
2024-03-06 11:05:50
python2.7 vulnerabilities
2022-08-24 08:56:59
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a possible sensitive information exposure in Python (CVE-2021-4189).
2023-01-12 21:59:00
ubuntucve
ubuntucve
CVE-2021-4189
2021-12-31 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : python (EulerOS-SA-2022-1911)
2022-06-17 00:00:00
EulerOS Virtualization 3.0.6.0 : python3 (EulerOS-SA-2022-2586)
2022-10-10 00:00:00
EulerOS 2.0 SP10 : python3 (EulerOS-SA-2022-1650)
2022-05-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-01-05 04:25:08
redhatcve
redhatcve
CVE-2021-4189
2021-12-29 14:01:02
cve
cve
CVE-2021-4189
2022-08-24 16:15:00
oraclelinux
oraclelinux
python3 security update
2022-05-17 00:00:00
python27:2.7 security update
2022-05-17 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: python2.7-2.7.18-20.fc34
2022-02-24 23:27:18
[SECURITY] Fedora 35 Update: python2.7-2.7.18-20.fc35
2022-02-24 23:09:24
redos
redos
ROS-20220407-03
2022-04-07 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2022-08-24 00:00:00
Python vulnerability
2022-05-23 00:00:00
redhat
redhat
(RHSA-2022:1986) Moderate: python3 security update
2022-05-10 08:11:33
(RHSA-2022:1663) Moderate: python27-python and python27-python-pip security update
2022-05-02 07:48:36
(RHSA-2022:1821) Moderate: python27:2.7 security update
2022-05-10 08:02:50
almalinux
almalinux
Moderate: python3 security update
2022-05-10 08:11:33
Moderate: python27:2.7 security update
2022-05-10 08:02:50
mageia
mageia
Updated python packages fix security vulnerability
2022-10-13 23:05:19
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0463
2022-10-05 00:00:00
Important Photon OS Security Update - PHSA-2022-0516
2022-09-15 00:00:00
cloudfoundry
cloudfoundry
USN-5342-1: Python vulnerabilities | Cloud Foundry
2022-05-23 00:00:00
rocky
rocky
python27:2.7 security update
2022-05-10 08:02:50
amazon
amazon
Medium: python27
2022-05-31 23:47:00
Medium: python
2022-05-31 23:50:00
hp
hp
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
avleonov
avleonov