python
262 tracked vulnerabilities.
CVE-2019-9636
CRITICAL
Python 2.7.x-3.7.2 - Info Disclosure
Mar 08, 2019
CVSS 9.8
EPSS 0.09
CVE-2019-6802
MEDIUM
NUCLEI
pypiserver < 1.2.5 - CRLF Injection via URI
Jan 25, 2019
CVSS 6.1
EPSS 0.04
CVE-2018-25091
MEDIUM
urllib3 < 1.24.2 - Unauthenticated Credential Exposure via Cross-Origin Redirect
Oct 15, 2023
CVSS 6.1
EPSS 0.01
CVE-2018-25032
HIGH
zlib <1.2.12 - Memory Corruption
Mar 25, 2022
CVSS 7.5
EPSS 0.52
CVE-2018-20852
MEDIUM
Python 2.0-2.7.16 - Cookie Domain Validation Bypass in http.cookiejar.DefaultPolicy
Jul 13, 2019
CVSS 5.3
EPSS 0.04
CVE-2018-20406
HIGH
Python < 3.7.1 - Integer Overflow via Large LONG_BINPUT in _pickle Module
Dec 23, 2018
CVSS 7.5
EPSS 0.06
CVE-2018-20060
CRITICAL
urllib3 < 1.23 - Authorization Header Exposure via Cross-Origin Redirect
Dec 11, 2018
CVSS 9.8
EPSS 0.04
CVE-2018-18074
HIGH
python/requests < 2.20.0 - Credential Exposure via HTTPS-to-HTTP Redirect
Oct 09, 2018
CVSS 7.5
EPSS 0.07
CVE-2018-14647
HIGH
Python 2.7.0-2.7.15, 3.4.0-3.4.9, 3.5.0-3.5.6, 3.6.0-3.6.6, 3.7.0 - Denial of Service via Expat Hash Collisions
Sep 25, 2018
CVSS 7.5
EPSS 0.11
CVE-2018-1000802
CRITICAL
Python Software Foundation Python <2.7 - Command Injection
Sep 18, 2018
CVSS 9.8
EPSS 0.21
CVE-2018-1061
MEDIUM
Python < 2.7.15 - Denial of Service via Catastrophic Backtracking in difflib.IS_LINE_JUNK
Jun 19, 2018
CVSS 6.5
EPSS 0.05
CVE-2018-1060
HIGH
Python < 2.7.15 - Denial of Service via Catastrophic Backtracking in pop3lib apop()
Jun 18, 2018
CVSS 7.5
EPSS 0.05
CVE-2018-1000117
MEDIUM
CPython 3.2-3.6.4 - Buffer Overflow in os.symlink() on Windows
Mar 07, 2018
CVSS 6.7
EPSS 0.01
CVE-2018-1000030
LOW
Python < 2.7.14 - Heap-Buffer-Overflow and Use-After-Free via Race Condition
Feb 08, 2018
CVSS 3.6
EPSS 0.01
CVE-2017-20052
MEDIUM
Python 2.7.13 - Uncontrolled Search Path
Jun 16, 2022
CVSS 5.0
EPSS 0.01
CVE-2017-18207
MEDIUM
Python < 3.6.4 - Denial of Service via Crafted WAV File Channel Value
Mar 01, 2018
CVSS 6.5
EPSS 0.01
CVE-2017-17522
HIGH
Python < 3.6.3 - Argument Injection via BROWSER Environment Variable
Dec 14, 2017
CVSS 8.8
EPSS 0.04
CVE-2017-1000158
CRITICAL
CPython < 2.7.15 - Integer Overflow to Heap-Based Buffer Overflow in PyString_DecodeEscape
Nov 17, 2017
CVSS 9.8
EPSS 0.08
CVE-2017-9233
HIGH
libexpat < 2.2.0 - XML External Entity Injection via Malformed External Entity Definition
Jul 25, 2017
CVSS 7.5
EPSS 0.09
CVE-2017-2810
HIGH
Tablib 0.11.4 - Remote Code Execution via YAML Databook Loading
Jun 14, 2017
CVSS 7.5
EPSS 0.05
CVE-2017-5992
HIGH
openpyxl < 2.4.2 - XML External Entity Injection via Crafted .xlsx Document
Feb 15, 2017
CVSS 8.2
EPSS 0.01
CVE-2016-1000110
MEDIUM
Python < 2.7.13 - Open Redirect via HTTP_PROXY Variable
Nov 27, 2019
CVSS 6.1
EPSS 0.05
CVE-2016-9063
CRITICAL
Firefox < 50 - Integer Overflow in Expat XML Parser
Jun 11, 2018
CVSS 9.8
EPSS 0.06
CVE-2016-3076
MEDIUM
Pillow 2.5.0-3.1.1 - Heap-Based Buffer Overflow in j2k_encode_entry
Apr 24, 2017
CVSS 5.5
EPSS 0.03
CVE-2016-9015
LOW
Python urllib3 <1.19 - Info Disclosure
Jan 11, 2017
CVSS 3.7
EPSS 0.01
Products
python 139
pillow 65
urllib3 19
requests 6
setuptools 4
keyring 3
black 2
pyxdg 2
typed_ast 2
Protobuf 1
beaker 1
cpython 1
hpack 1
hyper 1
jw.util 1
novajoin 1
openpyxl 1
py-bcrypt 1
pybluemonday 1
pymanager 1
pypi 1
pypiserver 1
python-gnupg 1
python_priority_library 1
pyxml 1
rply 1
rsa 1
tablib 1
tgcaptcha2 1
tkvideoplayer 1
Quick Filters