Vulnerabilities > Python > Python > 3.3.3

DATE CVE VULNERABILITY TITLE RISK
2023-08-25 CVE-2023-40217 Unspecified vulnerability in Python
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5.
network
low complexity
python
5.3
5.3
2023-08-22 CVE-2022-48560 Use After Free vulnerability in multiple products
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
network
low complexity
python debian CWE-416
7.5
7.5
2023-08-22 CVE-2022-48564 Resource Exhaustion vulnerability in multiple products
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
network
low complexity
python netapp CWE-400
6.5
6.5
2023-08-22 CVE-2022-48565 XXE vulnerability in multiple products
An XML External Entity (XXE) issue was discovered in Python through 3.9.1.
network
low complexity
python debian CWE-611
critical
 9.8
9.8
2023-08-22 CVE-2022-48566 Race Condition vulnerability in multiple products
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1.
network
high complexity
python debian netapp CWE-362
5.9
5.9
2023-06-25 CVE-2023-36632 Uncontrolled Recursion vulnerability in Python
The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument.
network
low complexity
python CWE-674
7.5
7.5
2023-04-19 CVE-2023-27043 Improper Input Validation vulnerability in Python
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character.
network
low complexity
python CWE-20
5.3
5.3
2023-02-17 CVE-2023-24329 Improper Input Validation vulnerability in multiple products
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
network
low complexity
python fedoraproject netapp CWE-20
7.5
7.5
2022-11-09 CVE-2022-45061 Algorithmic Complexity vulnerability in multiple products
An issue was discovered in Python before 3.11.1.
network
low complexity
python fedoraproject netapp CWE-407
7.5
7.5
2022-08-23 CVE-2021-28861 Open Redirect vulnerability in multiple products
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure.
network
low complexity
python fedoraproject CWE-601
7.4
7.4