Vulnerabilities > Python > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-14 | CVE-2022-45199 | Resource Exhaustion vulnerability in Python Pillow Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. | 7.5 |
2022-11-09 | CVE-2022-45061 | Algorithmic Complexity vulnerability in multiple products An issue was discovered in Python before 3.11.1. | 7.5 |
2022-11-07 | CVE-2022-42919 | Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. | 7.8 |
2022-09-09 | CVE-2020-10735 | Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in python. | 7.5 |
2022-08-23 | CVE-2021-28861 | Open Redirect vulnerability in multiple products Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. | 7.4 |
2022-06-16 | CVE-2017-20052 | Unspecified vulnerability in Python 2.7.13 A vulnerability classified as problematic was found in Python 2.7.13. | 7.8 |
2022-04-13 | CVE-2015-20107 | Command Injection vulnerability in multiple products In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. | 7.6 |
2022-03-25 | CVE-2018-25032 | Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | 7.5 |
2022-03-10 | CVE-2022-26488 | Untrusted Search Path vulnerability in multiple products In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. | 7.0 |
2022-03-04 | CVE-2021-3737 | Infinite Loop vulnerability in multiple products A flaw was found in python. | 7.5 |