Vulnerabilities > Python
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-14 | CVE-2022-45199 | Resource Exhaustion vulnerability in Python Pillow Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. | 7.5 |
| 2022-11-09 | CVE-2022-45061 | Algorithmic Complexity vulnerability in multiple products An issue was discovered in Python before 3.11.1. | 7.5 |
| 2022-11-07 | CVE-2022-42919 | Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. | 7.8 |
| 2022-10-21 | CVE-2022-37454 | Integer Overflow or Wraparound vulnerability in multiple products The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. network low complexity extended-keccak-code-package-project debian fedoraproject php python sha3-project pysha3-project pypy CWE-190 critical | 9.8 |
| 2022-09-09 | CVE-2020-10735 | Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in python. | 7.5 |
| 2022-08-24 | CVE-2021-4189 | Unchecked Return Value vulnerability in multiple products A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. | 5.3 |
| 2022-08-23 | CVE-2021-28861 | Open Redirect vulnerability in multiple products Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. | 7.4 |
| 2022-06-16 | CVE-2017-20052 | Uncontrolled Search Path Element vulnerability in Python 2.7.13 A vulnerability classified as problematic was found in Python 2.7.13. | 7.8 |
| 2022-05-25 | CVE-2022-30595 | Out-of-bounds Write vulnerability in Python Pillow 9.1.0 libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. | 7.5 |
| 2022-05-08 | CVE-2022-28470 | Unspecified vulnerability in Python Pypi marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. | 7.5 |