The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.

CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.

CVE Database V5

Detailed information about CVE-2024-4032: Vulnerability in Python Software Foundation CPython affecting Python Software Foundation CPython. Get real-time update

CVE-2024-4032: Vulnerability in Python Software Foundation CPython - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2024-4032: Vulnerability in Python Software Foundation CPython

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1. A remote attacker may be able to break out of Web Content sandbox.

Detailed information about CVE-2024-40867: A remote attacker may be able to break out of Web Content sandbox in Apple iOS and iPadOS affecting Apple iOS and iPa

CVE-2024-40867: A remote attacker may be able to break out of Web Content sandbox in Apple iOS and iPadOS - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2024-40867: A remote attacker may be able to break out of Web Content sandbox in Apple iOS and iPadOS

The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.

Detailed information about CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing in Apple macOS affecting Apple macOS. Get real-time upd

CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing in Apple macOS - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing in Apple macOS

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. A sandboxed app may be able to access sensitive user data.

Detailed information about CVE-2024-40855: A sandboxed app may be able to access sensitive user data in Apple macOS affecting Apple macOS. Get real-time updates

CVE-2024-40855: A sandboxed app may be able to access sensitive user data in Apple macOS - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2024-40855: A sandboxed app may be able to access sensitive user data in Apple macOS

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker with physical access may be able to access contact photos from the lock screen.

Detailed information about CVE-2024-40851: An attacker with physical access may be able to access contact photos from the lock screen in Apple iOS and iPadOS af

CVE-2024-40851: An attacker with physical access may be able to access contact photos from the lock screen in Apple iOS and iPadOS - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2024-40851: An attacker with physical access may be able to access contact photos from the lock screen in Apple iOS and iPadOS

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.

Detailed information about CVE-2024-42460: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2024-42460: n/a

CVE-2024-42460: n/a

Description

Technical Details

Community Reviews

Related Threats

CVE-2024-4032: Vulnerability in Python Software Foundation CPython

CVE-2024-40867: A remote attacker may be able to break out of Web Content sandbox in Apple iOS and iPadOS

CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing in Apple macOS

CVE-2024-40855: A sandboxed app may be able to access sensitive user data in Apple macOS

CVE-2024-40851: An attacker with physical access may be able to access contact photos from the lock screen in Apple iOS and iPadOS

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility