python
250 tracked vulnerabilities.
CVE-2021-28676
HIGH
Pillow < 8.2.0 - Denial of Service via FLI Block Advance Infinite Loop
Jun 02, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-25288
CRITICAL
Pillow < 8.2.0 - Out-of-bounds Read in J2kDecode
Jun 02, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-25287
CRITICAL
Pillow < 8.2.0 - Out-of-bounds Read in J2kDecode
Jun 02, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-28675
MEDIUM
Pillow < 8.2.0 - Denial of Service in PSDImagePlugin
Jun 02, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3426
MEDIUM
Python < 3.8.9, < 3.9.3, < 3.10.0a7 - Information Disclosure via pydoc Server
May 20, 2021
CVSS 5.7
EPSS 0.00
CVE-2021-29921
CRITICAL
Python < 3.9.5 - IP Address Validation Bypass via Leading Zero Octets
May 06, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-25293
HIGH
Pillow < 8.1.1 - Out-of-bounds Read in SGIRleDecode.c
Mar 19, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-25292
MEDIUM
Pillow < 8.1.1 - Denial of Service via PDF Parser Regex Backtracking
Mar 19, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-25291
HIGH
Pillow < 8.1.1 - Out-of-bounds Read in TiffreadRGBATile
Mar 19, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-25290
HIGH
Pillow < 8.1.1 - Out-of-bounds Write in TiffDecode.c
Mar 19, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-25289
CRITICAL
Pillow < 8.1.1 - Heap-Based Buffer Overflow in TiffDecode
Mar 19, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-28363
MEDIUM
urllib3 1.26.0-1.26.3 - Improper Certificate Validation in HTTPS Proxy Connections
Mar 15, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-27923
HIGH
Pillow < 8.1.2 - Denial of Service via ICO Image Size Mismatch
Mar 03, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-27922
HIGH
Pillow < 8.1.2 - Denial of Service via ICNS Container Memory Allocation
Mar 03, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-27921
HIGH
Pillow < 8.1.2 - Denial of Service via BLP Image Size Mismatch
Mar 03, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-23336
MEDIUM
Python/cpython <3.6.13, <3.7.10, <3.8.8, <3.9.2 - Web Cache Poisoning
Feb 15, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-3177
CRITICAL
Python 3.6.0-3.9.1 - Buffer Overflow via Unsafe sprintf in PyCArg_repr
Jan 19, 2021
CVSS 9.8
EPSS 0.00
CVE-2020-10735
HIGH
Python 3.7.0-3.7.13 - Denial of Service via int() with Non-Binary Bases
Sep 09, 2022
CVSS 7.5
EPSS 0.00
CVE-2020-35655
MEDIUM
Pillow 4.3.0-8.0.0 - Out-of-bounds Read in SGIRleDecode
Jan 12, 2021
CVSS 5.4
EPSS 0.00
CVE-2020-35654
HIGH
Pillow < 8.1.0 - Heap-Based Buffer Overflow in TiffDecode
Jan 12, 2021
CVSS 8.8
EPSS 0.00
CVE-2020-35653
HIGH
Pillow < 8.1.0 - Out-of-bounds Read in PCX Decoder
Jan 12, 2021
CVSS 7.1
EPSS 0.00
CVE-2020-27619
CRITICAL
Python 3.0.0-3.9.0 - Remote Code Execution via CJK Codec Test HTTP Content
Oct 22, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-26137
MEDIUM
urllib3 < 1.25.9 - CRLF Injection via HTTP Request Method
Sep 30, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-26116
HIGH
Python 3.x < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.5 - HTTP Header Injection via HTTPConnection.request
Sep 27, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-15801
CRITICAL
Python 3.8.4 - Untrusted Search Path via sys.path Restriction Bypass
Jul 17, 2020
CVSS 9.8
EPSS 0.01
Products
python 132
pillow 60
urllib3 19
requests 6
keyring 3
setuptools 3
black 2
pyxdg 2
typed_ast 2
Protobuf 1
beaker 1
cpython 1
hpack 1
hyper 1
jw.util 1
novajoin 1
openpyxl 1
py-bcrypt 1
pybluemonday 1
pymanager 1
pypi 1
pypiserver 1
python-gnupg 1
python_priority_library 1
pyxml 1
rply 1
rsa 1
tablib 1
tgcaptcha2 1
tkvideoplayer 1