Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | python | 3.13.0-alpha0, 3.13.0-alpha0, 3.13.0-alpha0 |
Timeline
- Mar 6, 2024 CVE Published
- Sep 5, 2025 CVE Updated
An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) there are no common scenarios in which an adversary can call _asyncio._swap_current_task but does not already have the ability to call arbitrary functions; and (3) there are no common scenarios in which sensitive information, which is not already accessible to an adversary, becomes accessible through this bug.
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | python | 3.13.0-alpha0, 3.13.0-alpha0, 3.13.0-alpha0 |