Vulnerability-Lookup

CVE-2024-47532 (GCVE-0-2024-47532)

Vulnerability from cvelistv5 – Published: 2024-09-30 15:29 – Updated: 2024-09-30 17:29

Title

RestrictedPython information leakage via `AttributeError.obj` and the `string` module

Summary

RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment.

Severity ?

8.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

Tags

	https://github.com/zopefoundation/RestrictedPytho…	x_refsource_CONFIRM
	https://github.com/zopefoundation/RestrictedPytho…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	zopefoundation	RestrictedPython	Affected: < 7.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:zope:restrictedpython:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "restrictedpython",
            "vendor": "zope",
            "versions": [
              {
                "lessThan": "7.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47532",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-30T17:26:28.910403Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-30T17:29:29.522Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RestrictedPython",
          "vendor": "zopefoundation",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-30T15:29:57.907Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h"
        },
        {
          "name": "https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6"
        }
      ],
      "source": {
        "advisory": "GHSA-5rfv-66g4-jr8h",
        "discovery": "UNKNOWN"
      },
      "title": "RestrictedPython information leakage via `AttributeError.obj` and the `string` module"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-47532",
    "datePublished": "2024-09-30T15:29:57.907Z",
    "dateReserved": "2024-09-25T21:46:10.929Z",
    "dateUpdated": "2024-09-30T17:29:29.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-47532\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-30T17:26:28.910403Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:zope:restrictedpython:*:*:*:*:*:*:*:*\"], \"vendor\": \"zope\", \"product\": \"restrictedpython\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"7.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-30T17:29:21.755Z\"}}], \"cna\": {\"title\": \"RestrictedPython information leakage via `AttributeError.obj` and the `string` module\", \"source\": {\"advisory\": \"GHSA-5rfv-66g4-jr8h\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"zopefoundation\", \"product\": \"RestrictedPython\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 7.3\"}]}], \"references\": [{\"url\": \"https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h\", \"name\": \"https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6\", \"name\": \"https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-09-30T15:29:57.907Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-47532\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-30T17:29:29.522Z\", \"dateReserved\": \"2024-09-25T21:46:10.929Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-09-30T15:29:57.907Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-5RFV-66G4-JR8H

Vulnerability from github – Published: 2024-09-30 17:14 – Updated: 2025-01-21 17:59

Summary

RestrictedPython information leakage via `AttributeError.obj` and the `string` module

Details

Impact

A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module.

Patches

The problem will be fixed in version 7.3.

Workarounds

If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

8.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "RestrictedPython"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-47532"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-09-30T17:14:00Z",
    "nvd_published_at": "2024-09-30T16:15:09Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nA user can gain access to protected (and potentially sensible) information indirectly via `AttributeError.obj` and the `string` module.\n\n### Patches\nThe problem will be fixed in version 7.3.\n\n\n### Workarounds\nIf the application does not require access to the module `string`, it can remove it from `RestrictedPython.Utilities.utility_builtins`  or otherwise do not make it available in the restricted execution environment.\n",
  "id": "GHSA-5rfv-66g4-jr8h",
  "modified": "2025-01-21T17:59:45Z",
  "published": "2024-09-30T17:14:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47532"
    },
    {
      "type": "WEB",
      "url": "https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/restrictedpython/PYSEC-2024-186.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/zopefoundation/RestrictedPython"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "RestrictedPython information leakage via `AttributeError.obj` and the `string` module"
}

PYSEC-2024-186

Vulnerability from pysec - Published: 2024-09-30 16:15 - Updated: 2025-01-19 04:23

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impacted products

Name	purl
restrictedpython	pkg:pypi/restrictedpython

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "restrictedpython",
        "purl": "pkg:pypi/restrictedpython"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "d701cc36cccac36b21fa200f1f2d1945a9a215e6"
            }
          ],
          "repo": "https://github.com/zopefoundation/restrictedpython",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "3.4.2",
        "3.4.3",
        "3.5.0",
        "3.5.1",
        "3.5.2",
        "3.6.0",
        "3.6.0a1",
        "4.0",
        "4.0a1",
        "4.0a2",
        "4.0a3",
        "4.0b1",
        "4.0b2",
        "4.0b3",
        "4.0b4",
        "4.0b5",
        "4.0b6",
        "4.0b7",
        "4.0b8",
        "5.0",
        "5.1",
        "5.2",
        "5.2a1.dev0",
        "5.3",
        "5.3a1.dev0",
        "5.4",
        "6.0",
        "6.0a1.dev0",
        "6.1",
        "6.2",
        "7.0",
        "7.0a1.dev0",
        "7.0a1.dev1",
        "7.0a2.dev0",
        "7.1",
        "7.2",
        "7.2a1.dev0"
      ]
    }
  ],
  "aliases": [
    "CVE-2024-47532",
    "GHSA-5rfv-66g4-jr8h"
  ],
  "details": "RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment.",
  "id": "PYSEC-2024-186",
  "modified": "2025-01-19T04:23:01.259448+00:00",
  "published": "2024-09-30T16:15:09+00:00",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h"
    },
    {
      "type": "EVIDENCE",
      "url": "https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h"
    },
    {
      "type": "FIX",
      "url": "https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2024-47532

Vulnerability from fkie_nvd - Published: 2024-09-30 16:15 - Updated: 2024-11-15 17:59

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6	Patch
	security-advisories@github.com	https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h	Exploit, Mitigation, Vendor Advisory

Impacted products

	Vendor	Product	Version
	zope	restrictedpython	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zope:restrictedpython:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D940AC-E4E1-48EC-BD41-24754C974F29",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "RestrictedPython is a restricted execution environment for Python to run untrusted code. A user can gain access to protected (and potentially sensible) information indirectly via AttributeError.obj and the string module. The problem will be fixed in version 7.3. As a workaround, If the application does not require access to the module string, it can remove it from RestrictedPython.Utilities.utility_builtins or otherwise do not make it available in the restricted execution environment."
    },
    {
      "lang": "es",
      "value": "RestrictedPython es un entorno de ejecuci\u00f3n restringido para que Python ejecute c\u00f3digo no confiable. Un usuario puede obtener acceso a informaci\u00f3n protegida (y potencialmente sensible) indirectamente a trav\u00e9s de AttributeError.obj y el m\u00f3dulo de cadena. El problema se solucionar\u00e1 en la versi\u00f3n 7.3. Como workaround, si la aplicaci\u00f3n no requiere acceso a la cadena del m\u00f3dulo, puede eliminarla de RestrictedPython.Utilities.utility_builtins o, de lo contrario, no ponerla a disposici\u00f3n en el entorno de ejecuci\u00f3n restringido."
    }
  ],
  "id": "CVE-2024-47532",
  "lastModified": "2024-11-15T17:59:51.307",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-30T16:15:09.960",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/zopefoundation/RestrictedPython/commit/d701cc36cccac36b21fa200f1f2d1945a9a215e6"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-5rfv-66g4-jr8h"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-47532 (GCVE-0-2024-47532)

GHSA-5RFV-66G4-JR8H

Impact

Patches

Workarounds

PYSEC-2024-186

FKIE_CVE-2024-47532

Tags

Sightings

Nomenclature