Latest Python Vulnerabilities

Pillow 10.2.0 released, fixes CVE-2023-50447
pip/Pillow<10.2.0
Python Pillow<=10.1.0
Debian Debian Linux=10.0
ubuntu/pillow<7.0.0-4ubuntu0.8
ubuntu/pillow<9.0.1-1ubuntu0.2
ubuntu/pillow<10.0.0-1ubuntu0.1
and 2 more
Groups not dropped before running subprocess when using empty 'extra_groups' parameter
Python Python=3.12.0
Python Python=3.13.0-alpha1
Python Python=3.13.0-alpha2
An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of ...
redhat/Pillow<10.0.0
pip/pillow>=0<10.0.0
Python Pillow<10.0.0
Fedoraproject Fedora=38
ubuntu/pillow<7.0.0-4ubuntu0.8
ubuntu/pillow<9.0.1-1ubuntu0.2
and 2 more
Request body not stripped after redirect in urllib3
Python urllib3<1.26.18
Python urllib3>=2.0.0<2.0.7
Fedoraproject Fedora=38
pip/urllib3>=0<1.26.18
pip/urllib3>=2.0.0<2.0.7
redhat/urllib3<2.0.7
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in t...
pip/urllib3<1.24.2
Python urllib3<1.24.2
`Cookie` HTTP header isn't stripped on cross-origin redirects
Python urllib3<1.26.17
Python urllib3>=2.0.0<2.0.6
Debian Debian Linux=10.0
pip/urllib3<1.26.17
pip/urllib3>=2.0.0<2.0.6
Fedoraproject Fedora=37
and 5 more
Python could allow a remote attacker to bypass security restrictions, caused by a race condition in the SSLSocket module. When the socket is closed before the TLS handshake is complete, the data is tr...
Python Python<3.8.18
Python Python>=3.9.0<3.9.18
Python Python>=3.10.0<3.10.13
Python Python>=3.11.0<3.11.5
ubuntu/python2.7<2.7.17-1~18.04ubuntu1.13+
ubuntu/python2.7<2.7.6-8ubuntu0.6+
and 22 more
An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausi...
Python Python>=3.11.0<=3.11.4
redhat/Python<3.11.5
debian/python2.7
debian/python3.10
debian/python3.11<=3.11.2-6
debian/python3.12
and 5 more
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
Python Python<3.7.7
Python Python>=3.8.0<3.8.2
Python Python>=3.9.0<3.9.1
Python Python=3.10.0-alpha1
debian/python2.7
debian/python3.7<=3.7.3-2+deb10u3
and 16 more
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
ubuntu/python2.7<2.7.17-1~18.04ubuntu1.13+
ubuntu/python2.7<2.7.12-1ubuntu0~16.04.18+
ubuntu/python3.5<3.5.2-2ubuntu0~16.04.13+
ubuntu/python3.7<3.7.10
ubuntu/python3.8<3.8.10-0ubuntu1~20.04
ubuntu/python3.8<3.8.7
and 13 more
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Python Python<3.6.13
Python Python>=3.7.0<3.7.10
Python Python>=3.8.0<3.8.7
Python Python>=3.9.0<3.9.1
Debian Debian Linux=10.0
ubuntu/python2.7<2.7.17-1~18.04ubuntu1.13+
and 8 more
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
Python Python<3.6.11
Python Python>=3.7.0<3.7.7
Python Python>=3.8.0<3.8.2
Python Python=3.9.0-alpha1
Python Python=3.9.0-alpha2
Debian Debian Linux=10.0
and 14 more
** DISPUTED ** An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neith...
Python Python=3.13.0-alpha0
** DISPUTED ** The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a cra...
Python Python<=3.11.4
CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.
Python Cpython=3.12.0-alpha_7
Python Python=3.12.0-alpha7
### Impact Since Requests v2.3.0, Requests has been vulnerable to potentially leaking `Proxy-Authorization` headers to destination servers, specifically during redirects to an HTTPS origin. This is a...
Python Requests>=2.3.0<2.31.0
Fedoraproject Fedora=37
IBM Watson Knowledge Catalog on-prem<=4.x
Python could allow a remote attacker to bypass security restrictions, caused by a parsing flaw in the email.utils.parseaddr() and email.utils.getaddresses() functions. By sending a specially-crafted e-...
Python Python<=2.7.18
Python Python>=3.0<=3.11
IBM Cognos Dashboards on Cloud Pak for Data<=4.7.0
Python could allow a remote attacker to bypass security restrictions, caused by a flaw in the urllib.parse component. By sending a specially-crafted request using a URL that starts with blank characters, an ...
IBM QRadar SIEM<=7.5 - 7.5.0 UP7
redhat/python<3.11
ubuntu/python2.7<2.7.6-8ubuntu0.6+
ubuntu/python2.7<2.7.12-1ubuntu0~16.04.18+
ubuntu/python3.10<3.10.6-1~22.04.2ubuntu1.1
ubuntu/python3.10<3.10.7-1ubuntu0.4
and 23 more
Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending a request with a specially crafted regular expression, a remote attacker could exploit this vulnera...
Python Setuptools<65.5.1
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
IBM Cognos Analytics<=11.1.1-11.1.7 FP7
Pillow starting with 9.2.0 and prior to 9.3.0 allows denial of service via SAMPLESPERPIXEL. A large value in the SAMPLESPERPIXEL tag could lead to a memory and runtime DOS in TiffImagePlugin.py when s...
pip/pillow>=9.2.0<9.3.0
Python Pillow<9.3.0
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
pip/pillow<9.2.0
Python Pillow<9.2.0
A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder ...
redhat/python3<0:3.6.8-48.el8_7.1
redhat/python3.9<0:3.9.14-1.el9_1.2
IBM Cloud Pak for Security<=1.10.0.0 - 1.10.11.0
IBM QRadar Suite Software<=1.10.12.0 - 1.10.16.0
redhat/python<3.11.1
redhat/python<3.10.9
and 51 more
Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start m...
Python Python>=3.7.3<=3.7.15
Python Python>=3.8.3<=3.8.15
Python Python>=3.9.0<3.9.16
Python Python>=3.10.0<3.10.9
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 9 more
Fixed bug: buffer overflow in hash_update() on long parameter. (CVE-2022-37454)
debian/pysha3<=1.0.2-2<=1.0.2-4.1<=1.0.2-4.2
Extended Keccak Code Package Project Extended Keccak Code Package
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 37 more
** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path, which may lead to information...
redhat/python3<0:3.6.8-48.el8_7.1
redhat/python3.9<0:3.9.14-1.el9
redhat/rh-python38-python<0:3.8.14-1.el7
Python Python>=3.0.0<3.7.14
Python Python>=3.8.0<3.8.14
Python Python>=3.9.0<3.9.14
and 26 more
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack ...
Python Python=2.7.13
libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files.
Python Pillow=9.1.0
pip/Pillow=9.1.0
marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor.
Python PyPI>=0.1<=0.13
TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There a...
Python Tkvideoplayer<2.0.0
Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.
pip/Pillow<9.0.1
Python Pillow<9.0.1
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 1 more
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the sy...
Python Python<=3.7.12
Python Python>=3.8.0<=3.8.12
Python Python>=3.9.0<=3.9.10
Python Python>=3.10.0<=3.10.2
Python Python=3.11.0-alpha1
Python Python=3.11.0-alpha2
and 7 more
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
pip/Pillow<9.0.0
Python Pillow<9.0.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
debian/pillow
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
Python Pillow<9.0.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
debian/pillow
`PIL.ImageMath.eval` in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method `ImageMath.eval("exec(exit())")`. While Pillow 9.0.0 restricted to...
Python Pillow<9.0.1
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
debian/pillow
Python could allow a remote attacker to obtain sensitive information, caused by a flaw when using the FTP client library in PASV (passive) mode. By using a specially-crafted FTP server, an attacker co...
redhat/python3<0:3.6.8-45.el8
redhat/rh-python38-babel<0:2.7.0-12.el7
redhat/rh-python38-python<0:3.8.11-2.el7
redhat/rh-python38-python-cryptography<0:2.8-5.el7
redhat/rh-python38-python-jinja2<0:2.10.3-6.el7
redhat/rh-python38-python-lxml<0:4.4.1-7.el7
and 19 more
The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
Microco Bluemonday<1.0.16
Python Pybluemonday<0.0.8
Regular Expression Denial of Service (ReDoS)
pip/pillow>=5.2.0<8.3.2
Python Pillow>=5.2.0<8.3.2
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Python is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the AbstractBasicAuthHandler class in urllib. By persuading a victim to visit a specially-...
redhat/python3<0:3.6.8-39.el8_4
redhat/rh-python38-babel<0:2.7.0-12.el7
redhat/rh-python38-python<0:3.8.11-2.el7
redhat/rh-python38-python-cryptography<0:2.8-5.el7
redhat/rh-python38-python-jinja2<0:2.10.3-6.el7
redhat/rh-python38-python-lxml<0:4.4.1-7.el7
and 49 more
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite...
redhat/python3<0:3.6.8-45.el8
redhat/python27-python<0:2.7.18-4.el7
IBM Cloud Pak for Security<=1.10.0.0 - 1.10.11.0
IBM QRadar Suite Software<=1.10.12.0 - 1.10.16.0
redhat/python<3.6.14
redhat/python<3.7.11
and 41 more
Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.
Python Pillow>=1.0<=1.1.7
Python Pillow>=1.2<=8.2.0
Debian Debian Linux=9.0
Fedoraproject Fedora=33
Fedoraproject Fedora=34
redhat/python-pillow<0:5.1.1-16.el8
### Impact When provided with a URL containing many `@` characters in the authority component the authority regular expression exhibits catastrophic backtracking causing a denial of service if a URL ...
redhat/automation-hub<0:4.2.6-1.el7
redhat/python3-chardet<0:3.0.4-3.el7
redhat/python3-click<0:7.1.2-3.el7
redhat/python3-gnupg<0:0.4.6-3.el7
redhat/python3-jinja2<0:2.11.2-3.el7
redhat/python3-markupsafe<0:1.1.1-4.el7
and 38 more
In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application ...
Djangoproject Django>=2.2<2.2.22
Djangoproject Django>=3.1<3.1.10
Djangoproject Django>=3.2<3.2.2
Python Python>=3.9.5
Fedoraproject Fedora=34
A flaw was found in python-ipaddress. Improper input validation of octal strings in stdlib ipaddress allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many...
redhat/rh-python38-babel<0:2.7.0-12.el7
redhat/rh-python38-python<0:3.8.11-2.el7
redhat/rh-python38-python-cryptography<0:2.8-5.el7
redhat/rh-python38-python-jinja2<0:2.10.3-6.el7
redhat/rh-python38-python-lxml<0:4.4.1-7.el7
redhat/rh-python38-python-pip<0:19.3.1-2.el7
and 10 more
Python could provide weaker than expected security, caused by improper input validation in the urllib.parse module. By sending a specially-crafted request using \r and \n characters in the URL path. ...
redhat/python3<0:3.6.8-47.el8_6
redhat/rh-python38-babel<0:2.7.0-12.el7
redhat/rh-python38-python<0:3.8.11-2.el7
redhat/rh-python38-python-cryptography<0:2.8-5.el7
redhat/rh-python38-python-jinja2<0:2.10.3-6.el7
redhat/rh-python38-python-lxml<0:4.4.1-7.el7
and 31 more
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.
Python Pillow<8.2.0
Fedoraproject Fedora=33
redhat/python-pillow<0:5.1.1-16.el8
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_gray_i.
redhat/python-pillow<0:5.1.1-16.el8
Python Pillow<8.2.0
Fedoraproject Fedora=33
An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder...
redhat/python-pillow<0:5.1.1-16.el8
Python Pillow<8.2.0
Fedoraproject Fedora=33
pip/Pillow>=5.1.0<8.2.0
An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.
pip/Pillow<8.2.0
Python Pillow<8.2.0
Fedoraproject Fedora=33
redhat/python-pillow<8.2.0
redhat/python-pillow<0:5.1.1-16.el8
An issue was discovered in Pillow before 8.2.0. `PSDImagePlugin.PsdImageFile` lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on `I...
pip/Pillow<8.2.0
redhat/python-pillow<0:5.1.1-16.el8
Python Pillow<8.2.0
Fedoraproject Fedora=33
A flaw was found in python-pillow. The readline used in EPS has to deal with any combination of \r and \n as line endings. It accidentally used a quadratic method of accumulating lines while looking f...
redhat/python-pillow<0:5.1.1-16.el8
Python Pillow<8.2.0
Fedoraproject Fedora=33
redhat/python-pillow<8.2.0
pip/Pillow<8.2.0

© 2024 SecAlerts Pty Ltd.