{"uuid": "fcbd3512-0892-444c-a3c1-6419d117cc2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3219", "type": "seen", "source": "https://t.me/cvedetector/1947", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-3219 - Windows CPython Socket Connection Race Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-3219 \nPublished : July 29, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : There is a MEDIUM severity vulnerability affecting CPython.  \n  \nThe  \n \u201csocket\u201d module provides a pure-Python fallback to the   \nsocket.socketpair() function for platforms that don\u2019t support AF_UNIX,   \nsuch as Windows. This pure-Python implementation uses AF_INET or   \nAF_INET6 to create a local connected pair of sockets. The connection   \nbetween the two sockets was not verified before passing the two sockets   \nback to the user, which leaves the server socket vulnerable to a   \nconnection race from a malicious local peer.  \n  \nPlatforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T00:40:39.000000Z"}