python
250 tracked vulnerabilities.
CVE-2016-4009
CRITICAL
Pillow < 3.1.1 - Heap-Based Buffer Overflow via Negative Resample Size
Apr 13, 2016
CVSS 9.8
EPSS 0.05
CVE-2016-2533
MEDIUM
Pillow < 3.1.1 - Buffer Overflow in ImagingPcdDecode
Apr 13, 2016
CVSS 6.5
EPSS 0.02
CVE-2016-0775
MEDIUM
Pillow < 3.1.1 - Buffer Overflow in FLI File Decoder
Apr 13, 2016
CVSS 6.5
EPSS 0.01
CVE-2016-0740
MEDIUM
Pillow < 3.1.1 - Buffer Overflow in TIFF Image Decoding
Apr 13, 2016
CVSS 6.5
EPSS 0.00
CVE-2016-1494
MEDIUM
Python-RSA < 3.3 - Signature Spoofing via BERserk Padding Attack
Jan 13, 2016
CVSS 5.3
EPSS 0.03
CVE-2015-20107
HIGH
Python < 3.7.15 - Command Injection via mailcap Module
Apr 13, 2022
CVSS 7.6
EPSS 0.01
CVE-2015-5652
Python <3.5.0 - Privilege Escalation
Oct 06, 2015
EPSS 0.00
CVE-2015-1283
Google Chrome < 43.0.2357.134 - Integer Overflow via Crafted XML Data
Jul 23, 2015
EPSS 0.01
CVE-2015-2296
requests <2.5.3 - Server-Side Request Forgery
Mar 18, 2015
EPSS 0.01
CVE-2014-4650
CRITICAL
Python 2.7.5 and 3.3.4 - Path Traversal via URL-Encoded Path Separators
Feb 20, 2020
CVSS 9.8
EPSS 0.07
CVE-2014-4616
MEDIUM
Python 2.7.0-2.7.6 and simplejson < 2.6.1 - Memory Read via Negative Array Index in _json raw_decode
Aug 24, 2017
CVSS 5.9
EPSS 0.00
CVE-2014-3598
Opensuse < 2.5.2 - Resource Management Error
May 01, 2015
EPSS 0.00
CVE-2014-9601
Pillow < 2.7.0 - Denial of Service via Decompressed PNG Text Chunk
Jan 16, 2015
EPSS 0.01
CVE-2014-9365
CPython 2.x <2.7.9 & 3.x <3.4.3 - Man-in-the-Middle
Dec 12, 2014
EPSS 0.03
CVE-2014-2667
Python 3.2-3.5 - Race Condition in _get_masked_mode Function
Nov 16, 2014
EPSS 0.00
CVE-2014-1830
Requests <2.3.0 - Info Disclosure
Oct 15, 2014
EPSS 0.00
CVE-2014-1829
Requests <2.3.0 - Info Disclosure
Oct 15, 2014
EPSS 0.00
CVE-2014-7185
Python < 2.7.8 - Information Disclosure via Buffer Object Integer Overflow
Oct 08, 2014
EPSS 0.01
CVE-2014-3589
Debian Python-imaging < 2.3.1 - Improper Input Validation
Aug 25, 2014
EPSS 0.01
CVE-2014-0224
HIGH
SSL Labs API Client
Jun 05, 2014
CVSS 7.4
EPSS 0.90
CVE-2014-3007
Pillow < 2.5.0 - OS Command Injection in JpegImagePlugin
Apr 27, 2014
EPSS 0.04
CVE-2014-1933
PIL/Pillow <2.3.1 - Info Disclosure
Apr 17, 2014
EPSS 0.00
CVE-2014-1932
Pillow < 2.3.1 - Arbitrary File Write via Symlink Attack on Temporary Files
Apr 17, 2014
EPSS 0.00
CVE-2014-1912
Python <2.7.7, <3.3.4, <3.4rc1 - Buffer Overflow
Mar 01, 2014
EPSS 0.34
CVE-2014-1624
python-xdg 0.25 - Local Privilege Escalation
Jan 28, 2014
EPSS 0.00
Products
python 132
pillow 60
urllib3 19
requests 6
keyring 3
setuptools 3
black 2
pyxdg 2
typed_ast 2
Protobuf 1
beaker 1
cpython 1
hpack 1
hyper 1
jw.util 1
novajoin 1
openpyxl 1
py-bcrypt 1
pybluemonday 1
pymanager 1
pypi 1
pypiserver 1
python-gnupg 1
python_priority_library 1
pyxml 1
rply 1
rsa 1
tablib 1
tgcaptcha2 1
tkvideoplayer 1