python
262 tracked vulnerabilities.
CVE-2020-5311
CRITICAL
Pillow < 6.2.2 - Buffer Overflow in SGI Image Decoder
Jan 03, 2020
CVSS 9.8
EPSS 0.04
CVE-2020-5310
HIGH
Pillow < 6.2.2 - Integer Overflow in TIFF Decoding
Jan 03, 2020
CVSS 8.8
EPSS 0.02
CVE-2019-20907
HIGH
Python < 3.5.10 - Denial of Service via Crafted TAR Archive
Jul 13, 2020
CVSS 7.5
EPSS 0.06
CVE-2019-9674
HIGH
Python < 3.8 - Denial of Service via ZIP Bomb
Feb 04, 2020
CVSS 7.5
EPSS 0.06
CVE-2019-19911
HIGH
Pillow < 6.2.2 - Denial of Service via FpxImagePlugin Integer Overflow
Jan 05, 2020
CVSS 7.5
EPSS 0.02
CVE-2019-19275
HIGH
typed_ast 1.3.0-1.3.1 - Out-of-bounds Read in ast_for_arguments
Nov 26, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-19274
HIGH
typed_ast <1.3.2 - Memory Corruption
Nov 26, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-5010
HIGH
Python 2.7.0-2.7.15 - Denial of Service via X509 Certificate NULL Pointer Dereference
Oct 31, 2019
CVSS 7.5
EPSS 0.21
CVE-2019-18348
MEDIUM
Python 2.x < 2.7.17 - CRLF Injection via urllib/urllib2 URL Host Component
Oct 23, 2019
CVSS 6.1
EPSS 0.04
CVE-2019-17514
HIGH
Python - Incorrect Calculation in glob.glob Documentation
Oct 12, 2019
CVSS 7.5
EPSS 0.05
CVE-2019-16865
HIGH
Pillow < 6.2.0 - Denial of Service via Crafted Invalid Image Files
Oct 04, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-16935
MEDIUM
Python < 2.7.17 - Cross-Site Scripting via DocXMLRPCServer server_title Field
Sep 28, 2019
CVSS 6.1
EPSS 0.05
CVE-2019-16056
HIGH
Python < 2.7.16, 3.x < 3.5.8, 3.6.x < 3.6.10, 3.7.x < 3.7.5 - Email Address Parsing Bypass via Multiple @ Characters
Sep 06, 2019
CVSS 7.5
EPSS 0.05
CVE-2019-15903
HIGH
libexpat < 2.2.8 - XML External Entity Injection via DTD Parsing
Sep 04, 2019
CVSS 7.5
EPSS 0.07
CVE-2019-10138
HIGH
python-novajoin <1.1.1 - Privilege Escalation
Jul 30, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-13404
HIGH
Python < 2.7.16 - Unprotected User Data Exposure via Default Installation Directory
Jul 08, 2019
CVSS 7.8
EPSS 0.01
CVE-2019-12900
CRITICAL
bzip2 < 1.0.6 - Out-of-bounds Write in BZ2_decompress
Jun 19, 2019
CVSS 9.8
EPSS 0.08
CVE-2019-10160
CRITICAL
Python 2.7.0-2.7.16, 3.5, 3.6, 3.7, 3.8.0a4-3.8.0b1 - URL Parsing Security Regression
Jun 07, 2019
CVSS 9.8
EPSS 0.05
CVE-2019-12761
HIGH
PyXDG < 0.26 - Code Injection via Menu XML Category Element
Jun 06, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-11324
HIGH
urllib3 < 1.24.2 - Improper Certificate Validation via SSL Context Handling
Apr 18, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-11236
MEDIUM
urllib3 < 1.24.2 - CRLF Injection via Request Parameter
Apr 15, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-9948
CRITICAL
Python 2.x < 2.7.17 - Path Traversal via local_file URI Scheme
Mar 23, 2019
CVSS 9.1
EPSS 0.12
CVE-2019-9947
MEDIUM
Python 2.x-2.7.16 & Python 3.x-3.7.3 - CRLF Injection
Mar 23, 2019
CVSS 6.1
EPSS 0.06
CVE-2019-6690
HIGH
python-gnupg 0.4.3 - Improper Input Validation
Mar 21, 2019
CVSS 7.5
EPSS 0.09
CVE-2019-9740
MEDIUM
Python < 2.7.17 - CRLF Injection via URL Parameter
Mar 13, 2019
CVSS 6.1
EPSS 0.05
Products
python 139
pillow 65
urllib3 19
requests 6
setuptools 4
keyring 3
black 2
pyxdg 2
typed_ast 2
Protobuf 1
beaker 1
cpython 1
hpack 1
hyper 1
jw.util 1
novajoin 1
openpyxl 1
py-bcrypt 1
pybluemonday 1
pymanager 1
pypi 1
pypiserver 1
python-gnupg 1
python_priority_library 1
pyxml 1
rply 1
rsa 1
tablib 1
tgcaptcha2 1
tkvideoplayer 1
Quick Filters