How severe is CVE-2024-4032?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2024-4032?

This is classified as CWE-697, which is a common weakness in software security.

CVE-2024-4032 - HIGH Severity | CVSS 7.5

Vulnerability Description

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.

Related Vulnerabilities

CVE-2005-2801

HIGH

CVSS:7.5(High)

xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.

CWE-6972005

CVE-2016-10003

HIGH

CVSS:7.5(High)

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as b...

CWE-6972016

CVE-2020-15130

HIGH

CVSS:7.5(High)

In SLPJS (npm package slpjs) before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or oppor...

CWE-6972020

CVE-2020-15131

HIGH

CVSS:7.5(High)

In SLP Validate (npm package slp-validate) before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wa...

CWE-6972020

CVE-2020-22784

HIGH

CVSS:7.5(High)

In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing spaces on char / varchar columns during comparisons, retrieving database records using UeberDB's MySQL connector could allow bypassing acces...

CWE-6972020

CVE-2020-23478

HIGH

CVSS:7.5(High)

Leo Editor v6.2.1 was discovered to contain a regular expression denial of service (ReDoS) vulnerability in the component plugins/importers/dart.py.

CWE-6972020