25
Affected versions of the package are vulnerable to a Race Condition. The “socket” module provides a pure-Python fallback to the socket.socketpair() function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verified before passing the two sockets back to the user, which leaves the server socket vulnerable to a connection race from a malicious local peer.
You're affected if you are using a version which is within vulnerability ranges and if you are using Windows OS.
Upgrade gevent library to patch version.