python
262 tracked vulnerabilities.
CVE-2021-27922
HIGH
Pillow < 8.1.2 - Denial of Service via ICNS Container Memory Allocation
Mar 03, 2021
CVSS 7.5
EPSS 0.05
CVE-2021-27921
HIGH
Pillow < 8.1.2 - Denial of Service via BLP Image Size Mismatch
Mar 03, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-23336
MEDIUM
Python/cpython <3.6.13, <3.7.10, <3.8.8, <3.9.2 - Web Cache Poisoning
Feb 15, 2021
CVSS 5.9
EPSS 0.36
CVE-2021-3177
CRITICAL
Python 3.6.0-3.9.1 - Buffer Overflow via Unsafe sprintf in PyCArg_repr
Jan 19, 2021
CVSS 9.8
EPSS 0.23
CVE-2020-10735
HIGH
Python 3.7.0-3.7.13 - Denial of Service via int() with Non-Binary Bases
Sep 09, 2022
CVSS 7.5
EPSS 0.04
CVE-2020-35655
MEDIUM
Pillow 4.3.0-8.0.0 - Out-of-bounds Read in SGIRleDecode
Jan 12, 2021
CVSS 5.4
EPSS 0.02
CVE-2020-35654
HIGH
Pillow < 8.1.0 - Heap-Based Buffer Overflow in TiffDecode
Jan 12, 2021
CVSS 8.8
EPSS 0.02
CVE-2020-35653
HIGH
Pillow < 8.1.0 - Out-of-bounds Read in PCX Decoder
Jan 12, 2021
CVSS 7.1
EPSS 0.01
CVE-2020-27619
CRITICAL
Python 3.0.0-3.9.0 - Remote Code Execution via CJK Codec Test HTTP Content
Oct 22, 2020
CVSS 9.8
EPSS 0.08
CVE-2020-26137
MEDIUM
urllib3 < 1.25.9 - CRLF Injection via HTTP Request Method
Sep 30, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-26116
HIGH
Python 3.x < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.5 - HTTP Header Injection via HTTPConnection.request
Sep 27, 2020
CVSS 7.2
EPSS 0.06
CVE-2020-15801
CRITICAL
Python 3.8.4 - Untrusted Search Path via sys.path Restriction Bypass
Jul 17, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-15523
HIGH
Python 3.6-3.6.10, 3.7-3.7.8, 3.8-3.8.4rc1, 3.9-3.9.0b4 Windows - Uncontrolled Search Path
Jul 04, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-11538
HIGH
Pillow < 7.0.0 - Out-of-bounds Read in SGI Image File Parser
Jun 25, 2020
CVSS 8.1
EPSS 0.03
CVE-2020-10994
MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read via Crafted JP2 File
Jun 25, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-10379
HIGH
Pillow < 7.1.0 - Buffer Overflow in libImaging/TiffDecode.c
Jun 25, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-10378
MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read in PCX Image Decoder
Jun 25, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-10177
MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read in FliDecode
Jun 25, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-14422
MEDIUM
Python < 3.5.10 - Denial of Service via IPv4Interface and IPv6Interface Hash Calculation
Jun 18, 2020
CVSS 5.9
EPSS 0.13
CVE-2020-13388
CRITICAL
jw.util < 2.3 - OS Command Injection via YAML Configuration Loading
May 22, 2020
CVSS 9.8
EPSS 0.04
CVE-2020-7212
HIGH
urllib3 1.25.2-1.25.7 - Denial of Service via Inefficient Percent-Encoding Algorithm
Mar 06, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-8492
MEDIUM
Python 2.7.0-2.7.17 - Regular Expression Denial of Service via urllib.request.AbstractBasicAuthHandler
Jan 30, 2020
CVSS 6.5
EPSS 0.07
CVE-2020-8315
MEDIUM
Python <3.6.11, <3.7.7, <3.8.2 - Info Disclosure
Jan 28, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-5313
HIGH
Pillow < 6.2.2 - Out-of-bounds Read in FLI Buffer Handling
Jan 03, 2020
CVSS 7.1
EPSS 0.03
CVE-2020-5312
CRITICAL
Pillow < 6.2.2 - Buffer Overflow in PCX P Mode Decoder
Jan 03, 2020
CVSS 9.8
EPSS 0.04
Products
python 139
pillow 65
urllib3 19
requests 6
setuptools 4
keyring 3
black 2
pyxdg 2
typed_ast 2
Protobuf 1
beaker 1
cpython 1
hpack 1
hyper 1
jw.util 1
novajoin 1
openpyxl 1
py-bcrypt 1
pybluemonday 1
pymanager 1
pypi 1
pypiserver 1
python-gnupg 1
python_priority_library 1
pyxml 1
rply 1
rsa 1
tablib 1
tgcaptcha2 1
tkvideoplayer 1
Quick Filters