Vulnerabilities > Python

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-10	CVE-2022-22817	PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. network low complexity python debian critical	9.8
2021-10-18	CVE-2021-42576	The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. network low complexity microco python critical	9.8
2021-09-03	CVE-2021-23437	Out-of-bounds Read vulnerability in multiple products The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. network low complexity python fedoraproject CWE-125	7.5
2021-07-13	CVE-2021-34552	Classic Buffer Overflow vulnerability in multiple products Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c. network low complexity python debian fedoraproject CWE-120 critical	9.8
2021-06-29	CVE-2021-33503	Resource Exhaustion vulnerability in multiple products An issue was discovered in urllib3 before 1.26.5. network low complexity python fedoraproject oracle CWE-400	7.5
2021-06-02	CVE-2021-25287	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. network low complexity python fedoraproject CWE-125 critical	9.1
2021-06-02	CVE-2021-25288	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. network low complexity python fedoraproject CWE-125 critical	9.1
2021-06-02	CVE-2021-28676	Infinite Loop vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. network low complexity python fedoraproject CWE-835	7.5
2021-06-02	CVE-2021-28677	An issue was discovered in Pillow before 8.2.0. network low complexity python fedoraproject	7.5
2021-06-02	CVE-2021-28678	Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. local low complexity python fedoraproject CWE-345	5.5

Vulnerabilities > Python {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Python"}]}

Vulnerabilities > Python