Vulnerabilities > Python

DATE CVE VULNERABILITY TITLE RISK
2022-06-16 CVE-2017-20052 Uncontrolled Search Path Element vulnerability in Python 2.7.13
A vulnerability classified as problematic was found in Python 2.7.13.
local
python CWE-427
4.4
2022-05-25 CVE-2022-30595 Out-of-bounds Write vulnerability in Python Pillow 9.1.0
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
network
low complexity
python CWE-787
7.5
2022-05-08 CVE-2022-28470 Unspecified vulnerability in Python Pypi
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
network
low complexity
python
7.5
2022-05-06 CVE-2022-24902 Resource Exhaustion vulnerability in Python Tkvideoplayer
TkVideoplayer is a simple library to play video files in tkinter.
network
python CWE-400
4.3
2022-04-13 CVE-2015-20107 Command Injection vulnerability in Python
In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file.
network
low complexity
python CWE-77
critical
10.0
2022-03-28 CVE-2022-24303 Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
network
low complexity
python fedoraproject
6.4
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
5.0
2022-03-10 CVE-2022-26488 Untrusted Search Path vulnerability in multiple products
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured.
4.4
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
4.0
2022-03-04 CVE-2021-3737 Infinite Loop vulnerability in multiple products
A flaw was found in python.
7.1