Search CVE reports

21 – 30 of 39 results

Detailed view

Sort by:

CVE-2023-33595

Medium priority

Not affected

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.

11 affected packages

python, python2.7, python3.10, python3.11, python3.12...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python	—	Not in release	Not in release	Ignored	Ignored
python2.7	—	Not affected	Not affected	Not affected	Not affected
python3.10	—	Not affected	Not in release	Not in release	Not in release
python3.11	—	Not affected	Not in release	Not in release	Not in release
python3.12	—	Not in release	Not in release	Not in release	Not in release
python3.4	—	Not in release	Not in release	Not in release	Not in release
python3.5	—	Not in release	Not in release	Not in release	Not affected
python3.6	—	Not in release	Not in release	Not affected	Not in release
python3.7	—	Not in release	Not in release	Not affected	Not in release
python3.8	—	Not in release	Not affected	Not affected	Not in release
python3.9	—	Not in release	Not affected	Not in release	Not in release

CVE-2023-27043

Medium priority

Some fixes available 3 of 21

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker...

11 affected packages

python2.7, python3.10, python3.11, python3.12, python3.13...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.7	Not in release	Vulnerable	Vulnerable	Vulnerable	Vulnerable
python3.10	Not in release	Fixed	Not in release	Not in release	Not in release
python3.11	Not in release	Vulnerable	Not in release	Not in release	Not in release
python3.12	Fixed	Not in release	Not in release	Not in release	Not in release
python3.13	Not in release	Not in release	Not in release	Not in release	Not in release
python3.4	Not in release	Not in release	Not in release	Not in release	Not in release
python3.5	Not in release	Not in release	Not in release	Not in release	Vulnerable
python3.6	Not in release	Not in release	Not in release	Vulnerable	Not in release
python3.7	Not in release	Not in release	Not in release	Vulnerable	Not in release
python3.8	Not in release	Not in release	Fixed	Vulnerable	Not in release
python3.9	Not in release	Not in release	Vulnerable	Not in release	Not in release

CVE-2023-24329

Medium priority

Some fixes available 11 of 18

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

9 affected packages

python2.7, python3.10, python3.11, python3.4, python3.5...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.7	Not in release	Vulnerable	Vulnerable	Vulnerable	Fixed
python3.10	Not in release	Fixed	Not in release	Not in release	Not in release
python3.11	Not in release	Vulnerable	Not in release	Not in release	Not in release
python3.4	—	Not in release	Not in release	Not in release	Not in release
python3.5	—	Not in release	Not in release	Not in release	Fixed
python3.6	—	Not in release	Not in release	Fixed	Not in release
python3.7	—	Not in release	Not in release	Fixed	Not in release
python3.8	—	Not in release	Fixed	Fixed	Not in release
python3.9	—	Not in release	Fixed	Not in release	Not in release

CVE-2022-45061

Medium priority

Some fixes available 12 of 18

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the...

10 affected packages

python, python2.7, python3.10, python3.11, python3.4...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python	—	Not in release	Not in release	Not in release	Ignored
python2.7	Not in release	Needs evaluation	Needs evaluation	Fixed	Fixed
python3.10	Not in release	Fixed	Not in release	Not in release	Not in release
python3.11	Not in release	Vulnerable	Not in release	Not in release	Not in release
python3.4	—	Not in release	Not in release	Not in release	Not in release
python3.5	—	Not in release	Not in release	Not in release	Fixed
python3.6	—	Not in release	Not in release	Fixed	Not in release
python3.7	—	Not in release	Not in release	Fixed	Not in release
python3.8	—	Not in release	Fixed	Fixed	Not in release
python3.9	—	Not in release	Fixed	Not in release	Not in release

CVE-2022-42919

High priority

Some fixes available 3 of 5

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles...

9 affected packages

python2.7, python3.10, python3.11, python3.4, python3.5...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.7	Not in release	Not affected	Not affected	Not affected	Not affected
python3.10	Not in release	Fixed	Not in release	Not in release	Not in release
python3.11	Not in release	Vulnerable	Not in release	Not in release	Not in release
python3.4	—	Not in release	Not in release	Not in release	Not in release
python3.5	—	Not in release	Not in release	Not in release	Not affected
python3.6	—	Not in release	Not in release	Not affected	Not in release
python3.7	—	Not in release	Not in release	Not affected	Not in release
python3.8	—	Not in release	Not affected	Not affected	Not in release
python3.9	—	Not in release	Fixed	Not in release	Not in release

CVE-2022-37454

Medium priority

Some fixes available 16 of 20

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the...

13 affected packages

php5, php7.0, php7.2, php7.4, php8.1...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
php5	—	Not in release	Not in release	Not in release	Not in release
php7.0	—	Not in release	Not in release	Not in release	Not affected
php7.2	—	Not in release	Not in release	Fixed	Not in release
php7.4	—	Not in release	Fixed	Not in release	Not in release
php8.1	Not in release	Fixed	Not in release	Not in release	Not in release
pypy3	Not affected	Fixed	Fixed	Not in release	Ignored
pysha3	Not in release	Fixed	Fixed	Needs evaluation	Needs evaluation
python3.10	Not in release	Fixed	Not in release	Not in release	Not in release
python3.11	Not in release	Not affected	Not in release	Not in release	Not in release
python3.6	—	Not in release	Not in release	Fixed	Not in release
python3.7	—	Not in release	Not in release	Fixed	Not in release
python3.8	—	Not in release	Fixed	Fixed	Not in release
python3.9	—	Not in release	Fixed	Not in release	Not in release

CVE-2020-10735

Negligible priority

Ignored

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits...

9 affected packages

python, python2.7, python3.10, python3.4, python3.5...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python	—	Not in release	Not in release	Not in release	Ignored
python2.7	—	Ignored	Ignored	Ignored	Ignored
python3.10	—	Ignored	Not in release	Not in release	Ignored
python3.4	—	Not in release	Not in release	Not in release	Ignored
python3.5	—	Not in release	Not in release	Not in release	Ignored
python3.6	—	Not in release	Not in release	Ignored	Ignored
python3.7	—	Not in release	Not in release	Ignored	Ignored
python3.8	—	Not in release	Ignored	Ignored	Ignored
python3.9	—	Not in release	Ignored	Not in release	Ignored

CVE-2021-28861

Low priority

Fixed

** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is...

9 affected packages

python2.7, python3.10, python3.11, python3.4, python3.5...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.7	—	Not affected	Not affected	Not affected	Not affected
python3.10	—	Fixed	Not in release	Not in release	Not in release
python3.11	—	Not affected	Not in release	Not in release	Not in release
python3.4	—	Not in release	Not in release	Not in release	Not in release
python3.5	—	Not in release	Not in release	Not in release	Fixed
python3.6	—	Not in release	Not in release	Not affected	Not in release
python3.7	—	Not in release	Not in release	Not affected	Not in release
python3.8	—	Not in release	Not affected	Not affected	Not in release
python3.9	—	Not in release	Fixed	Not in release	Not in release

CVE-2017-20052

Medium priority

Not affected

A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The...

9 affected packages

python, python2.7, python3.10, python3.4, python3.5...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python	—	—	—	—	—
python2.7	—	Not affected	Not affected	Not affected	Not affected
python3.10	—	Not affected	Not in release	Not in release	Not in release
python3.4	—	Not in release	Not in release	Not in release	Not in release
python3.5	—	Not in release	Not in release	Not in release	Not affected
python3.6	—	Not in release	Not in release	Not affected	Not in release
python3.7	—	Not in release	Not in release	Not affected	Not in release
python3.8	—	Not in release	Not affected	Not affected	Not in release
python3.9	—	Not in release	Not affected	Not in release	Not in release

CVE-2015-20107

Low priority

Some fixes available 17 of 18

In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that...

8 affected packages

python2.7, python3.10, python3.4, python3.5, python3.6...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.7	Not in release	Fixed	Fixed	Fixed	Fixed
python3.10	Not in release	Fixed	Not in release	Not in release	Not in release
python3.4	Not in release	Not in release	Not in release	Not in release	Not in release
python3.5	Not in release	Not in release	Not in release	Not in release	Fixed
python3.6	Not in release	Not in release	Not in release	Fixed	Not in release
python3.7	Not in release	Not in release	Not in release	Fixed	Not in release
python3.8	Not in release	Not in release	Fixed	Fixed	Not in release
python3.9	Not in release	Not in release	Fixed	Not in release	Not in release

Export to JSON

Results by page: