CyberSec.Space Logo
Back to CVE Browser

CVE-2018-3650

HIGH
7.8
CVSS Severity Score
EPSS Score0.1800%
EPSS Percentile36.13th
PublishedAug 1, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.

Affected Platforms (CPE)

📦
Intel

Distribution For Python

< 2018
📦
Intel

Distribution For Python

= 2018
📦
Intel

Distribution For Python

= 2018

References & Advisories

🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html
🔗 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html

Related Vulnerabilities

CVE-2021-423439.8

An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clusters started with das...

CVE-2018-121757.8

Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escala...

CVE-2018-261110.0

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Service...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...