Vulnerabilities > Python > Python > 3.9.4

DATE CVE VULNERABILITY TITLE RISK
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. 		7.5
7.5
2022-03-10 CVE-2022-26488 Untrusted Search Path vulnerability in multiple products
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured.
local
high complexity
python netapp CWE-426
7.0
7.0
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
6.5
6.5
2022-03-04 CVE-2021-3737 Infinite Loop vulnerability in multiple products
A flaw was found in python. 		7.5
7.5
2022-02-09 CVE-2022-0391 Injection vulnerability in multiple products
A flaw was found in Python, specifically within the urllib.parse module.
network
low complexity
python netapp fedoraproject oracle CWE-74
7.5
7.5
2021-05-06 CVE-2021-29921 In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string.
network
low complexity
python oracle
critical
 9.8
9.8
2019-06-19 CVE-2019-12900 Out-of-bounds Write vulnerability in multiple products
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
network
low complexity
bzip debian opensuse canonical freebsd python CWE-787
critical
 9.8
9.8
2016-06-30 CVE-2016-3189 Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
network
low complexity
bzip python
6.5
6.5