Home > Vulnerability Database > CVE-2024-3220

Mend.io Vulnerability Database

CVE-2024-3220

Date: February 14, 2025

There is a defect in the CPython standard library module “mimetypes” where on Windows the default list of known file locations are writable meaning other users can create invalid files to cause MemoryError to be raised on Python runtime startup or have file extensions be interpreted as the incorrect file type.

Severity Score

5.4

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-3220

Url: http://www.openwall.com/lists/oss-security/2025/02/14/8

Url: https://security.netapp.com/advisory/ntap-20250314-0001/

Url: https://mail.python.org/archives/list/security-announce@python.org/thread/CDXW34ND2LSAOYAR5N6UNONP4ZBX4D6R/

Url: https://www.mend.io/vulnerability-database/CVE-2024-3220

Severity Score

5.4

Weakness Type (CWE)

Untrusted Search Path

CWE-426

CVSS v3.1

Base Score:	5.4
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-3220

Date: February 14, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?