Vulnerabilities > Python

| Date | CVE | Vulnerability title | Description | Risk |
|---|---|---|---|---|
| 2021-09-03 | CVE-2021-23437 | Out-of-bounds Read vulnerability in Python Pillow | The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. | network; low complexity; python CWE-125; 5.0 |
| 2021-07-13 | CVE-2021-34552 | Classic Buffer Overflow vulnerability in multiple products | Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. | network; low complexity; python debian fedoraproject CWE-120; 7.5 |
| 2021-06-29 | CVE-2021-33503 | Resource Exhaustion vulnerability in multiple products | An issue was discovered in urllib3 before 1.26.5. | network; low complexity; python fedoraproject CWE-400; 5.0 |
| 2021-06-02 | CVE-2021-25287 | Out-of-bounds Read vulnerability in multiple products | An issue was discovered in Pillow before 8.2.0. | network; low complexity; python fedoraproject CWE-125; 6.4 |
| 2021-06-02 | CVE-2021-25288 | Out-of-bounds Read vulnerability in multiple products | An issue was discovered in Pillow before 8.2.0. | network; low complexity; python fedoraproject CWE-125; 6.4 |
| 2021-06-02 | CVE-2021-28676 | Infinite Loop vulnerability in multiple products | An issue was discovered in Pillow before 8.2.0. | network; low complexity; python fedoraproject CWE-835; 5.0 |
| 2021-06-02 | CVE-2021-28677 | | An issue was discovered in Pillow before 8.2.0. | network; low complexity; python fedoraproject; 5.0 |
| 2021-06-02 | CVE-2021-28678 | Insufficient Verification of Data Authenticity vulnerability in multiple products | An issue was discovered in Pillow before 8.2.0. | 4.3 |
| 2021-06-02 | CVE-2021-28675 | Unchecked Return Value vulnerability in multiple products | An issue was discovered in Pillow before 8.2.0. | 4.3 |
| 2021-05-20 | CVE-2021-3426 | Information Exposure vulnerability in multiple products | There's a flaw in Python 3's pydoc. | 2.7 |