In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOracle Communications Cloud Native Core Automated Test Suite
APPOracle1.8.0Oracle Communications Cloud Native Core Binding Support Function
APPOracle1.11.0Oracle Communications Cloud Native Core Network Slice Selection Function
APPOracle1.8.0Oracle Graalvm
APPOracle20.3.221.1.0Oracle Zfs Storage Appliance Kit
APPOracle8.8Python
APPPython3.9.0 – 3.9.5 (bez)3.8.0 – 3.8.12 (bez)
Related vulnerabilities
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionalit...
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection ...
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remot...