{"id":"AZL-42772","summary":"CVE-2024-4032 affecting package python3 for versions less than 3.12.9-1","details":"The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.\n\nCPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.","modified":"2026-04-21T04:30:44.429821Z","published":"2024-06-17T15:15:52Z","upstream":["CVE-2024-4032"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4032"}],"affected":[{"package":{"name":"python3","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/python3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.9-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-42772.json"}}],"schema_version":"1.7.5"}