{"api_version":"1","generated_at":"2026-04-23T00:42:07+00:00","cve":"CVE-2022-42919","urls":{"html":"https://cve.report/CVE-2022-42919","api":"https://cve.report/api/cve/CVE-2022-42919.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-42919","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-42919"},"summary":{"title":"CVE-2022-42919","description":"Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-11-07 00:15:00","updated_at":"2023-11-07 03:53:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/","name":"FEDORA-2022-462f39dd2f","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.10-3.10.8-3.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/","name":"FEDORA-2023-097dd40685","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.9-7.3.11-1.3.9.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9","name":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9","refsource":"CONFIRM","tags":[],"title":"Comparing v3.10.8...v3.10.9 · python/cpython · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/","name":"FEDORA-2022-028c09eaa7","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: python3.9-3.9.15-2.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/","name":"FEDORA-2022-f44dd1bec2","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.10-3.10.8-3.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/","name":"FEDORA-2022-a7cad6bd22","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: python3.10-3.10.8-3.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20221209-0006/","name":"https://security.netapp.com/advisory/ntap-20221209-0006/","refsource":"CONFIRM","tags":[],"title":"CVE-2022-42919 Python Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/","name":"FEDORA-2022-f44dd1bec2","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.10-3.10.8-3.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/","name":"FEDORA-2022-1166a1df1e","refsource":"","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.9-3.9.15-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/","name":"FEDORA-2022-b17bf30e88","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.9-3.9.15-3.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/","name":"FEDORA-2022-028c09eaa7","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: python3.9-3.9.15-2.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.gentoo.org/glsa/202305-02","name":"GLSA-202305-02","refsource":"GENTOO","tags":[],"title":"Python, PyPy3: Multiple Vulnerabilities (GLSA 202305-02) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840","name":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840","refsource":"MISC","tags":[],"title":"Linux specific local privilege escalation via the multiprocessing forkserver start method - CVE-2022-42919 · Issue #97514 · python/cpython · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/","name":"FEDORA-2023-097dd40685","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: pypy3.9-7.3.11-1.3.9.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/","name":"FEDORA-2023-af5206f71d","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: pypy3.9-7.3.11-1.3.9.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/","name":"FEDORA-2022-b17bf30e88","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.9-3.9.15-3.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/","name":"FEDORA-2022-a7cad6bd22","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: python3.10-3.10.8-3.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/","name":"FEDORA-2023-af5206f71d","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: pypy3.9-7.3.11-1.3.9.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/","name":"FEDORA-2022-1166a1df1e","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: python3.9-3.9.15-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/","name":"FEDORA-2022-462f39dd2f","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: python3.10-3.10.8-3.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16","name":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16","refsource":"CONFIRM","tags":[],"title":"Comparing v3.9.15...v3.9.16 · python/cpython · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/python/cpython/issues/97514","name":"https://github.com/python/cpython/issues/97514","refsource":"MISC","tags":[],"title":"Linux specific local privilege escalation via the multiprocessing forkserver start method - CVE-2022-42919 · Issue #97514 · python/cpython · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-42919","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-42919","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"42919","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42919","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42919","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42919","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42919","vulnerable":"1","versionEndIncluding":"3.7.15","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"42919","vulnerable":"1","versionEndIncluding":"3.8.15","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"python","cpe5":"python","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-42919","qid":"160320","title":"Oracle Enterprise Linux Security Update for python39:3.9 (ELSA-2022-8492)"},{"cve":"CVE-2022-42919","qid":"160324","title":"Oracle Enterprise Linux Security Update for python3.9 (ELSA-2022-8493)"},{"cve":"CVE-2022-42919","qid":"183884","title":"Debian Security Update for python3.11 (CVE-2022-42919)"},{"cve":"CVE-2022-42919","qid":"199016","title":"Ubuntu Security Notification for Python Vulnerability (USN-5713-1)"},{"cve":"CVE-2022-42919","qid":"199497","title":"Ubuntu Security Notification for Python Vulnerabilities (USN-5888-1)"},{"cve":"CVE-2022-42919","qid":"20342","title":"Oracle Database 21c Critical Patch Update - April 2023"},{"cve":"CVE-2022-42919","qid":"240923","title":"Red Hat Update for python39:3.9 (RHSA-2022:8492)"},{"cve":"CVE-2022-42919","qid":"240924","title":"Red Hat Update for python3.9 (RHSA-2022:8493)"},{"cve":"CVE-2022-42919","qid":"283273","title":"Fedora Security Update for python3.11 (FEDORA-2022-a04a020e48)"},{"cve":"CVE-2022-42919","qid":"283278","title":"Fedora Security Update for python3.11 (FEDORA-2022-92ca0d5447)"},{"cve":"CVE-2022-42919","qid":"283321","title":"Fedora Security Update for python3.9 (FEDORA-2022-1166a1df1e)"},{"cve":"CVE-2022-42919","qid":"283324","title":"Fedora Security Update for python3.9 (FEDORA-2022-b17bf30e88)"},{"cve":"CVE-2022-42919","qid":"283335","title":"Fedora Security Update for python3.10 (FEDORA-2022-462f39dd2f)"},{"cve":"CVE-2022-42919","qid":"283367","title":"Fedora Security Update for python3.10 (FEDORA-2022-f44dd1bec2)"},{"cve":"CVE-2022-42919","qid":"283427","title":"Fedora Security Update for python3.9 (FEDORA-2022-028c09eaa7)"},{"cve":"CVE-2022-42919","qid":"283428","title":"Fedora Security Update for python3.10 (FEDORA-2022-a7cad6bd22)"},{"cve":"CVE-2022-42919","qid":"283456","title":"Fedora Security Update for python3 (FEDORA-2022-a9a4c48d06)"},{"cve":"CVE-2022-42919","qid":"283600","title":"Fedora Security Update for pypy3.9 (FEDORA-2023-af5206f71d)"},{"cve":"CVE-2022-42919","qid":"283604","title":"Fedora Security Update for pypy3.9 (FEDORA-2023-097dd40685)"},{"cve":"CVE-2022-42919","qid":"284297","title":"Fedora Security Update for python3.10 (FEDORA-2022-bd02afca8c)"},{"cve":"CVE-2022-42919","qid":"284298","title":"Fedora Security Update for python3.9 (FEDORA-2022-6728f16289)"},{"cve":"CVE-2022-42919","qid":"354694","title":"Amazon Linux Security Advisory for python3.9 : ALAS2022-2023-273"},{"cve":"CVE-2022-42919","qid":"354708","title":"Amazon Linux Security Advisory for python3.10 : ALAS2022-2023-274"},{"cve":"CVE-2022-42919","qid":"355180","title":"Amazon Linux Security Advisory for python3.9 : ALAS2023-2023-104"},{"cve":"CVE-2022-42919","qid":"502608","title":"Alpine Linux Security Update for python3"},{"cve":"CVE-2022-42919","qid":"504338","title":"Alpine Linux Security Update for python3"},{"cve":"CVE-2022-42919","qid":"672677","title":"EulerOS Security Update for python3 (EulerOS-SA-2023-1414)"},{"cve":"CVE-2022-42919","qid":"672694","title":"EulerOS Security Update for python3 (EulerOS-SA-2023-1429)"},{"cve":"CVE-2022-42919","qid":"710714","title":"Gentoo Linux Python, PyPy3 Multiple Vulnerabilities (GLSA 202305-02)"},{"cve":"CVE-2022-42919","qid":"752899","title":"SUSE Enterprise Linux Security Update for python39 (SUSE-SU-2022:4071-1)"},{"cve":"CVE-2022-42919","qid":"753766","title":"SUSE Enterprise Linux Security Update for python39 (SUSE-SU-2023:0707-1)"},{"cve":"CVE-2022-42919","qid":"904479","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (11394)"},{"cve":"CVE-2022-42919","qid":"904709","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (11394-1)"},{"cve":"CVE-2022-42919","qid":"905381","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (13209)"},{"cve":"CVE-2022-42919","qid":"906959","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for python3 (13209-1)"},{"cve":"CVE-2022-42919","qid":"940781","title":"AlmaLinux Security Update for python39:3.9 (ALSA-2022:8492)"},{"cve":"CVE-2022-42919","qid":"940782","title":"AlmaLinux Security Update for python3.9 (ALSA-2022:8493)"},{"cve":"CVE-2022-42919","qid":"960186","title":"Rocky Linux Security Update for python39:3.9 (RLSA-2022:8492)"},{"cve":"CVE-2022-42919","qid":"960578","title":"Rocky Linux Security Update for python3.9 (RLSA-2022:8493)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-42919","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://github.com/python/cpython/issues/97514","refsource":"MISC","name":"https://github.com/python/cpython/issues/97514"},{"refsource":"FEDORA","name":"FEDORA-2022-1166a1df1e","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/"},{"refsource":"FEDORA","name":"FEDORA-2022-028c09eaa7","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/"},{"refsource":"FEDORA","name":"FEDORA-2022-b17bf30e88","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/"},{"refsource":"FEDORA","name":"FEDORA-2022-462f39dd2f","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/"},{"refsource":"FEDORA","name":"FEDORA-2022-a7cad6bd22","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/"},{"refsource":"FEDORA","name":"FEDORA-2022-f44dd1bec2","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20221209-0006/","url":"https://security.netapp.com/advisory/ntap-20221209-0006/"},{"refsource":"MISC","name":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840","url":"https://github.com/python/cpython/issues/97514#issuecomment-1310277840"},{"refsource":"FEDORA","name":"FEDORA-2023-af5206f71d","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/"},{"refsource":"FEDORA","name":"FEDORA-2023-097dd40685","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/"},{"refsource":"CONFIRM","name":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9","url":"https://github.com/python/cpython/compare/v3.10.8...v3.10.9"},{"refsource":"CONFIRM","name":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16","url":"https://github.com/python/cpython/compare/v3.9.15...v3.9.16"},{"refsource":"GENTOO","name":"GLSA-202305-02","url":"https://security.gentoo.org/glsa/202305-02"}]}},"nvd":{"publishedDate":"2022-11-07 00:15:00","lastModifiedDate":"2023-11-07 03:53:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.9.0","versionEndExcluding":"3.9.16","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.10.0","versionEndExcluding":"3.10.9","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8.3","versionEndIncluding":"3.8.15","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.3","versionEndIncluding":"3.7.15","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}