python
250 tracked vulnerabilities.
CVE-2020-15523
HIGH
Python 3.6-3.6.10, 3.7-3.7.8, 3.8-3.8.4rc1, 3.9-3.9.0b4 Windows - Uncontrolled Search Path
Jul 04, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-11538
HIGH
Pillow < 7.0.0 - Out-of-bounds Read in SGI Image File Parser
Jun 25, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-10994
MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read via Crafted JP2 File
Jun 25, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-10379
HIGH
Pillow < 7.1.0 - Buffer Overflow in libImaging/TiffDecode.c
Jun 25, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-10378
MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read in PCX Image Decoder
Jun 25, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-10177
MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read in FliDecode
Jun 25, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-14422
MEDIUM
Python < 3.5.10 - Denial of Service via IPv4Interface and IPv6Interface Hash Calculation
Jun 18, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-13388
CRITICAL
jw.util < 2.3 - OS Command Injection via YAML Configuration Loading
May 22, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-7212
HIGH
urllib3 1.25.2-1.25.7 - Denial of Service via Inefficient Percent-Encoding Algorithm
Mar 06, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-8492
MEDIUM
Python 2.7.0-2.7.17 - Regular Expression Denial of Service via urllib.request.AbstractBasicAuthHandler
Jan 30, 2020
CVSS 6.5
EPSS 0.03
CVE-2020-8315
MEDIUM
Python <3.6.11, <3.7.7, <3.8.2 - Info Disclosure
Jan 28, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-5313
HIGH
Pillow < 6.2.2 - Out-of-bounds Read in FLI Buffer Handling
Jan 03, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-5312
CRITICAL
Pillow < 6.2.2 - Buffer Overflow in PCX P Mode Decoder
Jan 03, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-5311
CRITICAL
Pillow < 6.2.2 - Buffer Overflow in SGI Image Decoder
Jan 03, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-5310
HIGH
Pillow < 6.2.2 - Integer Overflow in TIFF Decoding
Jan 03, 2020
CVSS 8.8
EPSS 0.01
CVE-2019-20907
HIGH
Python < 3.5.10 - Denial of Service via Crafted TAR Archive
Jul 13, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-9674
HIGH
Python < 3.8 - Denial of Service via ZIP Bomb
Feb 04, 2020
CVSS 7.5
EPSS 0.01
CVE-2019-19911
HIGH
Pillow < 6.2.2 - Denial of Service via FpxImagePlugin Integer Overflow
Jan 05, 2020
CVSS 7.5
EPSS 0.01
CVE-2019-19275
HIGH
typed_ast 1.3.0-1.3.1 - Out-of-bounds Read in ast_for_arguments
Nov 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-19274
HIGH
typed_ast <1.3.2 - Memory Corruption
Nov 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-5010
HIGH
Python 2.7.0-2.7.15 - Denial of Service via X509 Certificate NULL Pointer Dereference
Oct 31, 2019
CVSS 7.5
EPSS 0.05
CVE-2019-18348
MEDIUM
Python 2.x < 2.7.17 - CRLF Injection via urllib/urllib2 URL Host Component
Oct 23, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-17514
HIGH
Python - Incorrect Calculation in glob.glob Documentation
Oct 12, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-16865
HIGH
Pillow < 6.2.0 - Denial of Service via Crafted Invalid Image Files
Oct 04, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-16935
MEDIUM
Python < 2.7.17 - Cross-Site Scripting via DocXMLRPCServer server_title Field
Sep 28, 2019
CVSS 6.1
EPSS 0.02
Products
python 132
pillow 60
urllib3 19
requests 6
keyring 3
setuptools 3
black 2
pyxdg 2
typed_ast 2
Protobuf 1
beaker 1
cpython 1
hpack 1
hyper 1
jw.util 1
novajoin 1
openpyxl 1
py-bcrypt 1
pybluemonday 1
pymanager 1
pypi 1
pypiserver 1
python-gnupg 1
python_priority_library 1
pyxml 1
rply 1
rsa 1
tablib 1
tgcaptcha2 1
tkvideoplayer 1