Vulnerabilities > Python > Python > 2.3.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-25 | CVE-2023-40217 | Unspecified vulnerability in Python An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. | 5.3 |
2023-08-22 | CVE-2022-48560 | Use After Free vulnerability in multiple products A use-after-free exists in Python through 3.9 via heappushpop in heapq. | 7.5 |
2023-08-22 | CVE-2022-48564 | Resource Exhaustion vulnerability in multiple products read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | 6.5 |
2023-08-22 | CVE-2022-48565 | XXE vulnerability in multiple products An XML External Entity (XXE) issue was discovered in Python through 3.9.1. | 9.8 |
2023-08-22 | CVE-2022-48566 | Race Condition vulnerability in multiple products An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. | 5.9 |
2023-06-25 | CVE-2023-36632 | Uncontrolled Recursion vulnerability in Python The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. | 7.5 |
2023-04-19 | CVE-2023-27043 | Improper Input Validation vulnerability in Python The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. | 5.3 |
2023-02-17 | CVE-2023-24329 | Improper Input Validation vulnerability in multiple products An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. | 7.5 |
2022-11-09 | CVE-2022-45061 | Algorithmic Complexity vulnerability in multiple products An issue was discovered in Python before 3.11.1. | 7.5 |
2022-03-10 | CVE-2022-26488 | Untrusted Search Path vulnerability in multiple products In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. | 7.0 |