Vulnerabilities > Python
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-25 | CVE-2022-30595 | Out-of-bounds Write vulnerability in Python Pillow 9.1.0 libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. | 9.8 |
2022-05-08 | CVE-2022-28470 | Unspecified vulnerability in Python Pypi marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. | 9.8 |
2022-05-06 | CVE-2022-24902 | Resource Exhaustion vulnerability in Python Tkvideoplayer TkVideoplayer is a simple library to play video files in tkinter. | 4.3 |
2022-04-13 | CVE-2015-20107 | Command Injection vulnerability in multiple products In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. | 7.6 |
2022-03-28 | CVE-2022-24303 | Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. | 9.1 |
2022-03-25 | CVE-2018-25032 | Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | 7.5 |
2022-03-10 | CVE-2022-26488 | Untrusted Search Path vulnerability in multiple products In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. | 7.0 |
2022-03-10 | CVE-2021-3733 | Resource Exhaustion vulnerability in multiple products There's a flaw in urllib's AbstractBasicAuthHandler class. | 6.5 |
2022-03-04 | CVE-2021-3737 | Infinite Loop vulnerability in multiple products A flaw was found in python. | 7.5 |
2022-02-09 | CVE-2022-0391 | Injection vulnerability in multiple products A flaw was found in Python, specifically within the urllib.parse module. | 7.5 |