CVE-2021-3426 - AskarLabs CVE Database

CVE-2021-3426

Vendor N/A

Product python

Weakness CWE-200 · Info exposure

Published May 20, 2021

Last update December 18, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.

Key dates

02Disclosure timeline

May 20, 2021 CVE published

December 18, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-3426 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2023-25683 IBM PowerVM Hypervisor information disclosure CVE-2023-43814 Exposure of poll options and votes to unauthorized users in Discourse CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more CVE-2013-10030 Exit Box Lite Plugin wordpress-exit-box-lite.php information disclosure CVE-2026-2975 FastApiAdmin Custom Documentation Endpoint init_app.py reset_api_docs information disclosure