描述
IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade.
AI分析AI驱动
受影响产品
ipythonipython
ipythonipython
ipythonipython
ipythonipython
debiandebian_linux
9.0
debiandebian_linux
10.0
debiandebian_linux
11.0
fedoraprojectfedora
34
fedoraprojectfedora
35
参考资料
- https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668PatchThird Party Advisory
- https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5xExploitThird Party Advisory
- https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699Release NotesThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/01/msg00021.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRQRTWHYXMLDJ572VGVUZMUPEOTPM3KB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZ7LVZBB4D7KVSFNEQUBEHFO3JW6D2ZK/
- https://github.com/ipython/ipython/commit/46a51ed69cdf41b4333943d9ceeb945c4ede5668PatchThird Party Advisory
- https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5xExploitThird Party Advisory
- https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699Release NotesThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/01/msg00021.htmlMailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRQRTWHYXMLDJ572VGVUZMUPEOTPM3KB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZ7LVZBB4D7KVSFNEQUBEHFO3JW6D2ZK/