|CERT-In Vulnerability Note
Vulnerability in Python
Original Issue Date:July 29, 2020
Severity Rating: HIGH
- Python Versions 3.6 and later on Windows
A vulnerability has been reported in python which could allow an attacker to execute the malicious file from arbitrary location on targeted system.
This vulnerability exits in the python when CPython has been embedded in another application. It occurs during Py_Initialize() when the runtime attempts to pre-load python3.dll. This issue is not triggered when running python.exe. It only applies when CPython has been embedded in another application.
Successful exploitation of the vulnerability allows an attacker to execute the malicious file from arbitrary location on targeted system.
Upgrade to latest version
The information provided herein is on "as is" basis, without warranty of any kind.
Email: email@example.com Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003