ALPINE-CVE-2021-3426
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 20 May 2021, 13:15
Last modified:03 Dec 2025, 22:46
Vulnerability Summary
Overall Risk (default)
low
23/100 CVSS Score
5.7 MEDIUM
3.1 (osv_alpine)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
20 May 2021, 13:15
Published
Vulnerability first disclosed
03 Dec 2025, 22:46
Last Modified
Vulnerability information updated
Description
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.7CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Systems
- alpine•python3
< 3.9.4-r0 | < 3.9.4-r0 | < 3.9.4-r0 | < 3.9.4-r0 | < 3.9.4-r0 | < 3.9.4-r0 | < 3.9.4-r0 | < 3.9.4-r0 | < 3.9.4-r0