CVE-2021-42343

NameCVE-2021-42343
DescriptionAn issue was discovered in the Dask distributed package before 2021.10 ...
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dask.distributed (PTS)bullseye2021.01.0+ds.1-2.1+deb11u1fixed
bookworm2022.12.1+ds.1-3fixed
forky, sid, trixie2024.12.1+ds-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
dask.distributedsourcebullseye2021.01.0+ds.1-2.1+deb11u1
dask.distributedsource(unstable)2021.09.1+ds.1-2

Notes

[buster] - dask.distributed <ignored> (Minor issue; unreproducible with <2.0)
https://github.com/dask/distributed/pull/5427
https://github.com/dask/distributed/security/advisories/GHSA-hwqr-f3v9-hwxr
Likely introduced in https://github.com/quasiben/distributed/commit/fd31ecca8017bae845a73d468de0376c02363fab (2.0.0)
Search for package or bug name: Reporting problems