Vulnerabilities > Python

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-30	CVE-2020-26137	Injection vulnerability in multiple products urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). network low complexity python canonical debian oracle CWE-74	6.5
2020-09-27	CVE-2020-26116	Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. network low complexity python fedoraproject canonical netapp debian oracle opensuse CWE-74	7.2
2020-07-17	CVE-2020-15801	Untrusted Search Path vulnerability in multiple products In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. network low complexity python netapp CWE-426 critical	9.8
2020-07-13	CVE-2019-20907	Infinite Loop vulnerability in multiple products In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. network low complexity python opensuse debian fedoraproject canonical netapp oracle CWE-835	7.5
2020-07-04	CVE-2020-15523	Use of Uninitialized Resource vulnerability in multiple products In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. local low complexity python netapp CWE-908	7.8
2020-06-25	CVE-2020-11538	Out-of-bounds Read vulnerability in multiple products In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. network high complexity python fedoraproject canonical CWE-125	8.1
2020-06-25	CVE-2020-10994	Out-of-bounds Read vulnerability in multiple products In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file. local low complexity python fedoraproject canonical CWE-125	5.5
2020-06-25	CVE-2020-10379	Classic Buffer Overflow vulnerability in multiple products In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. local low complexity python fedoraproject canonical CWE-120	7.8
2020-06-25	CVE-2020-10378	Out-of-bounds Read vulnerability in multiple products In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer. local low complexity python fedoraproject canonical CWE-125	5.5
2020-06-25	CVE-2020-10177	Out-of-bounds Read vulnerability in multiple products Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. local low complexity python debian fedoraproject canonical CWE-125	5.5

Vulnerabilities > Python {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Python"}]}

Vulnerabilities > Python