python
262 tracked vulnerabilities.
CVE-2023-40217
MEDIUM
Python <3.8.18-3.11.5 - Info Disclosure
Aug 25, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-41105
HIGH
Python 3.11.0-3.11.4 - Untrusted Search Path via os.path.normpath()
Aug 23, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-38898
MEDIUM
Python cpython <3.7 - Info Disclosure
Aug 15, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-36632
HIGH
Python < 3.11.4 - Denial of Service via email.utils.parseaddr Recursion
Jun 25, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-33595
MEDIUM
CPython 3.12.0 alpha 7 - Use-After-Free in ascii_decode Function
Jun 07, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-32681
MEDIUM
Requests 2.3.0-2.31.0 - Proxy-Authorization Header Leak via HTTPS Redirect
May 26, 2023
CVSS 6.1
EPSS 0.03
CVE-2023-27043
MEDIUM
Python <3.11.3 - Info Disclosure
Apr 19, 2023
CVSS 5.3
EPSS 0.03
CVE-2023-24329
HIGH
Python < 3.11.4 - URL Blocklist Bypass via Leading Blank Characters in urllib.parse
Feb 17, 2023
CVSS 7.5
EPSS 0.20
CVE-2022-48566
MEDIUM
Python < 3.6.13 - Timing Attack via hmac.compare_digest
Aug 22, 2023
CVSS 5.9
EPSS 0.01
CVE-2022-48565
CRITICAL
Python < 3.6.13 - XML External Entity Injection in plistlib Module
Aug 22, 2023
CVSS 9.8
EPSS 0.04
CVE-2022-48564
MEDIUM
Python < 3.6.13 - Denial of Service via Malformed Binary Property List Processing
Aug 22, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-48560
HIGH
Python <= 3.9 - Use-After-Free via heappushpop in heapq
Aug 22, 2023
CVSS 7.5
EPSS 0.02
CVE-2022-40897
MEDIUM
Python Packaging Authority (PyPA) setuptools <65.5.1 - DoS
Dec 23, 2022
CVSS 5.9
EPSS 0.03
CVE-2022-45199
HIGH
Pillow < 9.3.0 - Denial of Service via SAMPLESPERPIXEL
Nov 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-45198
HIGH
Pillow < 9.2.0 - Denial of Service via Highly Compressed GIF Data
Nov 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-45061
HIGH
Python < 3.11.1 - Denial of Service via IDNA Decoder Quadratic Algorithm
Nov 09, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-42919
HIGH
Python 3.9.x < 3.9.16 and 3.10.x < 3.10.9 - Privilege Escalation via Pickle Deserialization
Nov 07, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-37454
CRITICAL
Keccak XKCP SHA-3 Reference Implementation - Integer Overflow and Buffer Overflow in Sponge Function Interface
Oct 21, 2022
CVSS 9.8
EPSS 0.05
CVE-2022-30595
CRITICAL
Pillow 9.1.0 - Heap Buffer Overflow in TGA Image Processing
May 25, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-28470
CRITICAL
marcador 0.1-0.13 - Backdoor Code Execution
May 08, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-24902
LOW
tkvideoplayer < 2.0.0 - Uncontrolled Resource Consumption
May 06, 2022
CVSS 2.9
EPSS 0.01
CVE-2022-24303
CRITICAL
Pillow < 9.0.1 - Arbitrary File Deletion via Temporary Pathname Mishandling
Mar 28, 2022
CVSS 9.1
EPSS 0.03
CVE-2022-26488
HIGH
Python <3.10.3 (Windows) - Privilege Escalation
Mar 10, 2022
CVSS 7.0
EPSS 0.01
CVE-2022-0391
HIGH
Python <3.10.0b1-3.6.14 - Code Injection
Feb 09, 2022
CVSS 7.5
EPSS 0.08
CVE-2022-22817
CRITICAL
Pillow < 9.0.1 - Remote Code Execution via ImageMath.eval Expression Injection
Jan 10, 2022
CVSS 9.8
EPSS 0.03
Products
python 139
pillow 65
urllib3 19
requests 6
setuptools 4
keyring 3
black 2
pyxdg 2
typed_ast 2
Protobuf 1
beaker 1
cpython 1
hpack 1
hyper 1
jw.util 1
novajoin 1
openpyxl 1
py-bcrypt 1
pybluemonday 1
pymanager 1
pypi 1
pypiserver 1
python-gnupg 1
python_priority_library 1
pyxml 1
rply 1
rsa 1
tablib 1
tgcaptcha2 1
tkvideoplayer 1
Quick Filters