Vulnerabilities > Python
|2022-05-08||CVE-2022-28470||Unspecified vulnerability in Python Pypi: marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.|| 7.5 |
|2022-05-06||CVE-2022-24902||Resource Exhaustion vulnerability in Python Tkvideoplayer: TkVideoplayer is a simple library to play video files in tkinter.|| 4.3 |
|2022-04-13||CVE-2015-20107||Command Injection vulnerability in Python: In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file.|| 10.0 |
|2022-03-28||CVE-2022-24303||Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.|| 6.4 |
|2022-03-10||CVE-2022-26488||Untrusted Search Path vulnerability in Python: In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured.|| 4.4 |
|2022-03-10||CVE-2021-3733||Resource Exhaustion vulnerability in multiple products: There's a flaw in urllib's AbstractBasicAuthHandler class.|| 4.0 |
|2022-03-04||CVE-2021-3737||Infinite Loop vulnerability in multiple products: A flaw was found in Python.|| 7.1 |
|2022-02-09||CVE-2022-0391||Injection vulnerability in multiple products: A flaw was found in Python, specifically within the urllib.parse module.|| 5.0 |
|2022-01-10||CVE-2022-22815||Improper Initialization vulnerability in multiple products: path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.|| 6.4 |
|2022-01-10||CVE-2022-22816||Out-of-bounds Read vulnerability in multiple products: path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.|| 6.4 |