Vulnerabilities > Python
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-23 | CVE-2022-40897 | Unspecified vulnerability in Python Setuptools Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. | 5.9 |
| 2022-11-14 | CVE-2022-45198 | Unspecified vulnerability in Python Pillow Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). | 7.5 |
| 2022-11-14 | CVE-2022-45199 | Resource Exhaustion vulnerability in Python Pillow Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. | 7.5 |
| 2022-11-09 | CVE-2022-45061 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Python before 3.11.1. | 7.5 |
| 2022-11-07 | CVE-2022-42919 | Unspecified vulnerability in Python Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. | 7.8 |
| 2022-10-21 | CVE-2022-37454 | Integer Overflow or Wraparound vulnerability in multiple products The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. network low complexity extended-keccak-code-package-project debian fedoraproject php python sha3-project pysha3-project pypy CWE-190 critical | 9.8 |
| 2022-09-09 | CVE-2020-10735 | Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in python. | 7.5 |
| 2022-08-24 | CVE-2021-4189 | Unchecked Return Value vulnerability in multiple products A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. | 5.3 |
| 2022-08-23 | CVE-2021-28861 | Open Redirect vulnerability in multiple products ** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. | 7.4 |
| 2022-06-16 | CVE-2017-20052 | Uncontrolled Search Path Element vulnerability in Python 2.7.13 A vulnerability classified as problematic was found in Python 2.7.13. | 7.8 |