CVE-2024-4032

2024-06-1700:00:00

ubuntu.com

cve-2024-4032

ipaddress module

ipv4

ipv6

iana special-purpose address registries

cpython 3.12.4

cpython 3.13.0a6

unix

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

14.4%

JSON

The “ipaddress” module contained incorrect information about whether
certain IPv4 and IPv6 addresses were designated as “globally reachable” or
“private”. This affected the is_private and is_global properties of the
ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and
ipaddress.IPv6Network classes, where values wouldn’t be returned in
accordance with the latest information from the IANA Special-Purpose
Address Registries.
CPython 3.12.4 and 3.13.0a6 contain updated information from these
registries and thus have the intended behavior.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchpython2.7< anyUNKNOWN
ubuntu20.04noarchpython2.7< anyUNKNOWN
ubuntu22.04noarchpython2.7< anyUNKNOWN
ubuntu14.04noarchpython2.7< anyUNKNOWN
ubuntu16.04noarchpython2.7< anyUNKNOWN
ubuntu22.04noarchpython3.10< anyUNKNOWN
ubuntu22.04noarchpython3.11< anyUNKNOWN
ubuntu23.10noarchpython3.11< anyUNKNOWN
ubuntu23.10noarchpython3.12< anyUNKNOWN
ubuntu24.04noarchpython3.12< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	python2.7	< any	UNKNOWN
ubuntu	20.04	noarch	python2.7	< any	UNKNOWN
ubuntu	22.04	noarch	python2.7	< any	UNKNOWN
ubuntu	14.04	noarch	python2.7	< any	UNKNOWN
ubuntu	16.04	noarch	python2.7	< any	UNKNOWN
ubuntu	22.04	noarch	python3.10	< any	UNKNOWN
ubuntu	22.04	noarch	python3.11	< any	UNKNOWN
ubuntu	23.10	noarch	python3.11	< any	UNKNOWN
ubuntu	23.10	noarch	python3.12	< any	UNKNOWN
ubuntu	24.04	noarch	python3.12	< any	UNKNOWN