3.8.8

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-25	CVE-2023-40217	Unspecified vulnerability in Python An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. network low complexity python	5.3
2023-06-25	CVE-2023-36632	Uncontrolled Recursion vulnerability in Python The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. network low complexity python CWE-674	7.5
2023-04-19	CVE-2023-27043	Improper Input Validation vulnerability in Python The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. network low complexity python CWE-20	5.3
2023-02-17	CVE-2023-24329	Improper Input Validation vulnerability in multiple products An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. network low complexity python fedoraproject netapp CWE-20	7.5
2022-11-09	CVE-2022-45061	Algorithmic Complexity vulnerability in multiple products An issue was discovered in Python before 3.11.1. network low complexity python fedoraproject netapp CWE-407	7.5
2022-11-07	CVE-2022-42919	Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. local low complexity python fedoraproject	7.8
2022-09-09	CVE-2020-10735	Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in python. network low complexity python redhat fedoraproject CWE-704	7.5
2022-08-24	CVE-2021-4189	Unchecked Return Value vulnerability in multiple products A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. network low complexity python debian redhat netapp CWE-252	5.3
2022-08-23	CVE-2021-28861	Open Redirect vulnerability in multiple products Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. network low complexity python fedoraproject CWE-601	7.4
2022-04-13	CVE-2015-20107	Command Injection vulnerability in multiple products In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. network low complexity python netapp fedoraproject CWE-77	7.6