Vulnerabilities > Python > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2022-0391 | Injection vulnerability in multiple products A flaw was found in Python, specifically within the urllib.parse module. | 7.5 |
| 2021-09-03 | CVE-2021-23437 | Out-of-bounds Read vulnerability in multiple products The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function. | 7.5 |
| 2021-06-29 | CVE-2021-33503 | Resource Exhaustion vulnerability in multiple products An issue was discovered in urllib3 before 1.26.5. | 7.5 |
| 2021-06-02 | CVE-2021-28676 | Infinite Loop vulnerability in multiple products An issue was discovered in Pillow before 8.2.0. | 7.5 |
| 2021-06-02 | CVE-2021-28677 | An issue was discovered in Pillow before 8.2.0. | 7.5 |
| 2021-03-19 | CVE-2021-25293 | Out-of-bounds Read vulnerability in Python Pillow An issue was discovered in Pillow before 8.1.1. | 7.5 |
| 2021-03-19 | CVE-2021-25291 | Out-of-bounds Read vulnerability in Python Pillow An issue was discovered in Pillow before 8.1.1. | 7.5 |
| 2021-03-19 | CVE-2021-25290 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Pillow before 8.1.1. | 7.5 |
| 2021-03-03 | CVE-2021-27923 | Improper Input Validation vulnerability in multiple products Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large. | 7.5 |
| 2021-03-03 | CVE-2021-27922 | Improper Input Validation vulnerability in multiple products Pillow before 8.1.1 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large. | 7.5 |