CVE-2021-3177

Description from NVD

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

Information Acquisition Date: 2021-04-27T11:05Z
CVSS 2.0: 7.5 HIGH
CVSS 3.x: 9.8 CRITICAL

CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://bugs.python.org/issue42938
     source:MISC
     tags:Exploit    Issue Tracking    Patch    Vendor Advisory    
 https://github.com/python/cpython/pull/24239
     source:MISC
     tags:Patch    Third Party Advisory    
 https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
     source:MISC
     tags:Patch    Third Party Advisory    
 FEDORA-2021-cc3ff94cfc
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-faf88b9499
     source:FEDORA
     tags:Third Party Advisory    
 GLSA-202101-18
     source:GENTOO
     tags:Third Party Advisory    
 FEDORA-2021-e3a5a74610
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-ced31f3f0c
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-42ba9feb47
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-851c6e4e2d
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-076a2dccba
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-66547ff92d
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-17668e344a
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-d5cde50865
     source:FEDORA
     tags:Third Party Advisory    
 https://news.ycombinator.com/item?id=26185005
     source:MISC
     tags:Third Party Advisory    
 FEDORA-2021-7547ad987f
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-f4fd9372c7
     source:FEDORA
     tags:Third Party Advisory    
 FEDORA-2021-3352c1c802
     source:FEDORA
     tags:Third Party Advisory    
 [mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 FEDORA-2021-907f3bacae
     source:FEDORA
     tags:Third Party Advisory    
 https://security.netapp.com/advisory/ntap-20210226-0003/
     source:CONFIRM
     tags:Third Party Advisory    
 [debian-lts-announce] 20210405 [SECURITY] [DLA 2619-1] python3.5 security update
     source:MLIST
     tags:

Software Tag: Linux(1 tweets) PHP(1 tweets)



List of frequently cited URLs

URL    Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...    289
http://patrowl.io    249
https://twitter.com/jedisct1/status/1361635279359135746    6
http://vulmon.com/vulnerabilitydetails?qid=CVE-2021-3177    5
https://www.zdnet.com/article/python-programming-language-h...    4
https://bugs.python.org/issue42938    3

Information from Twitter

User URL Info Source Date
threatintelctr https://nvd.nist.gov/vuln/detail/CVE-2021-3177 Source threatintelctr   1600247923962437640 2022/12/07
solardiz https://nvd.nist.gov/vuln/detail/CVE-2017-11362 Source solardiz         1612821060159692802 2023/01/10
solardiz https://nvd.nist.gov/vuln/detail/CVE-2021-3177 Source solardiz         1612821060159692802 2023/01/10

GitHub Search Results: Up to 10
Name    URL
No Data

2023/01/10 Score : 0
Added Har-sia Database : 2021/01/19
Last Modified : 2023/01/10
Highest Scored Date : 2021/02/19
Highest Score : 39