python

262 tracked vulnerabilities.

CVE-2021-27922 HIGH
Pillow < 8.1.2 - Denial of Service via ICNS Container Memory Allocation
Mar 03, 2021
CVSS 7.5
EPSS 0.05
CVE-2021-27921 HIGH
Pillow < 8.1.2 - Denial of Service via BLP Image Size Mismatch
Mar 03, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-23336 MEDIUM
Python/cpython <3.6.13, <3.7.10, <3.8.8, <3.9.2 - Web Cache Poisoning
Feb 15, 2021
CVSS 5.9
EPSS 0.36
CVE-2021-3177 CRITICAL
Python 3.6.0-3.9.1 - Buffer Overflow via Unsafe sprintf in PyCArg_repr
Jan 19, 2021
CVSS 9.8
EPSS 0.23
CVE-2020-10735 HIGH
Python 3.7.0-3.7.13 - Denial of Service via int() with Non-Binary Bases
Sep 09, 2022
CVSS 7.5
EPSS 0.04
CVE-2020-35655 MEDIUM
Pillow 4.3.0-8.0.0 - Out-of-bounds Read in SGIRleDecode
Jan 12, 2021
CVSS 5.4
EPSS 0.02
CVE-2020-35654 HIGH
Pillow < 8.1.0 - Heap-Based Buffer Overflow in TiffDecode
Jan 12, 2021
CVSS 8.8
EPSS 0.02
CVE-2020-35653 HIGH
Pillow < 8.1.0 - Out-of-bounds Read in PCX Decoder
Jan 12, 2021
CVSS 7.1
EPSS 0.01
CVE-2020-27619 CRITICAL
Python 3.0.0-3.9.0 - Remote Code Execution via CJK Codec Test HTTP Content
Oct 22, 2020
CVSS 9.8
EPSS 0.08
CVE-2020-26137 MEDIUM
urllib3 < 1.25.9 - CRLF Injection via HTTP Request Method
Sep 30, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-26116 HIGH
Python 3.x < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.5 - HTTP Header Injection via HTTPConnection.request
Sep 27, 2020
CVSS 7.2
EPSS 0.06
CVE-2020-15801 CRITICAL
Python 3.8.4 - Untrusted Search Path via sys.path Restriction Bypass
Jul 17, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-15523 HIGH
Python 3.6-3.6.10, 3.7-3.7.8, 3.8-3.8.4rc1, 3.9-3.9.0b4 Windows - Uncontrolled Search Path
Jul 04, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-11538 HIGH
Pillow < 7.0.0 - Out-of-bounds Read in SGI Image File Parser
Jun 25, 2020
CVSS 8.1
EPSS 0.03
CVE-2020-10994 MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read via Crafted JP2 File
Jun 25, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-10379 HIGH
Pillow < 7.1.0 - Buffer Overflow in libImaging/TiffDecode.c
Jun 25, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-10378 MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read in PCX Image Decoder
Jun 25, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-10177 MEDIUM
Pillow < 7.1.0 - Out-of-bounds Read in FliDecode
Jun 25, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-14422 MEDIUM
Python < 3.5.10 - Denial of Service via IPv4Interface and IPv6Interface Hash Calculation
Jun 18, 2020
CVSS 5.9
EPSS 0.13
CVE-2020-13388 CRITICAL
jw.util < 2.3 - OS Command Injection via YAML Configuration Loading
May 22, 2020
CVSS 9.8
EPSS 0.04
CVE-2020-7212 HIGH
urllib3 1.25.2-1.25.7 - Denial of Service via Inefficient Percent-Encoding Algorithm
Mar 06, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-8492 MEDIUM
Python 2.7.0-2.7.17 - Regular Expression Denial of Service via urllib.request.AbstractBasicAuthHandler
Jan 30, 2020
CVSS 6.5
EPSS 0.07
CVE-2020-8315 MEDIUM
Python <3.6.11, <3.7.7, <3.8.2 - Info Disclosure
Jan 28, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-5313 HIGH
Pillow < 6.2.2 - Out-of-bounds Read in FLI Buffer Handling
Jan 03, 2020
CVSS 7.1
EPSS 0.03
CVE-2020-5312 CRITICAL
Pillow < 6.2.2 - Buffer Overflow in PCX P Mode Decoder
Jan 03, 2020
CVSS 9.8
EPSS 0.04