Filtered by vendor Python
Subscriptions
Total
226 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45198 | 1 Python | 1 Pillow | 2024-08-03 | 7.5 High |
| Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). | ||||
| CVE-2022-45061 | 4 Fedoraproject, Netapp, Python and 1 more | 13 Fedora, Active Iq Unified Manager, Bootstrap Os and 10 more | 2024-08-03 | 7.5 High |
| An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16. | ||||
| CVE-2022-42919 | 3 Fedoraproject, Python, Redhat | 4 Fedora, Python, Enterprise Linux and 1 more | 2024-08-03 | 7.8 High |
| Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine. Pickles can execute arbitrary code. Thus, this allows for local user privilege escalation to the user that any forkserver process is running as. Setting multiprocessing.util.abstract_sockets_supported to False is a workaround. The forkserver start method for multiprocessing is not the default start method. This issue is Linux specific because only Linux supports abstract namespace sockets. CPython before 3.9 does not make use of Linux abstract namespace sockets by default. Support for users manually specifying an abstract namespace socket was added as a bugfix in 3.7.8 and 3.8.3, but users would need to make specific uncommon API calls in order to do that in CPython before 3.9. | ||||
| CVE-2022-40897 | 2 Python, Redhat | 4 Setuptools, Enterprise Linux, Rhel Eus and 1 more | 2024-08-03 | 5.9 Medium |
| Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. | ||||
| CVE-2022-37454 | 9 Debian, Extended Keccak Code Package Project, Fedoraproject and 6 more | 9 Debian Linux, Extended Keccak Code Package, Fedora and 6 more | 2024-08-03 | 9.8 Critical |
| The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. | ||||
| CVE-2022-30595 | 1 Python | 1 Pillow | 2024-08-03 | 9.8 Critical |
| libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. | ||||
| CVE-2022-28470 | 1 Python | 1 Pypi | 2024-08-03 | 9.8 Critical |
| marcador package in PyPI 0.1 through 0.13 included a code-execution backdoor. | ||||
| CVE-2022-26488 | 3 Microsoft, Netapp, Python | 4 Windows, Active Iq Unified Manager, Ontap Select Deploy Administration Utility and 1 more | 2024-08-03 | 7.0 High |
| In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2. | ||||
| CVE-2022-24902 | 1 Python | 1 Tkvideoplayer | 2024-08-03 | 2.9 Low |
| TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later. | ||||
| CVE-2022-24303 | 2 Fedoraproject, Python | 2 Fedora, Pillow | 2024-08-03 | 9.1 Critical |
| Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. | ||||
| CVE-2022-22817 | 3 Debian, Python, Redhat | 5 Debian Linux, Pillow, Enterprise Linux and 2 more | 2024-08-03 | 9.8 Critical |
| PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used. | ||||
| CVE-2022-22816 | 3 Debian, Python, Redhat | 5 Debian Linux, Pillow, Enterprise Linux and 2 more | 2024-08-03 | 6.5 Medium |
| path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. | ||||
| CVE-2022-22815 | 3 Debian, Python, Redhat | 3 Debian Linux, Pillow, Enterprise Linux | 2024-08-03 | 6.5 Medium |
| path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. | ||||
| CVE-2022-0391 | 5 Fedoraproject, Netapp, Oracle and 2 more | 12 Fedora, Active Iq Unified Manager, Hci and 9 more | 2024-08-02 | 7.5 High |
| A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. | ||||
| CVE-2023-50447 | 3 Debian, Python, Redhat | 8 Debian Linux, Pillow, Ansible Automation Platform and 5 more | 2024-08-02 | 8.1 High |
| Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). | ||||
| CVE-2023-44271 | 3 Fedoraproject, Python, Redhat | 4 Fedora, Pillow, Ansible Automation Platform and 1 more | 2024-08-02 | 7.5 High |
| An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. | ||||
| CVE-2023-41105 | 3 Netapp, Python, Redhat | 3 Active Iq Unified Manager, Python, Enterprise Linux | 2024-08-02 | 7.5 High |
| An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x. | ||||
| CVE-2023-40217 | 2 Python, Redhat | 8 Python, Enterprise Linux, Rhel Aus and 5 more | 2024-08-02 | 5.3 Medium |
| An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.) | ||||
| CVE-2023-38898 | 1 Python | 1 Python | 2024-08-02 | 5.3 Medium |
| An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) there are no common scenarios in which an adversary can call _asyncio._swap_current_task but does not already have the ability to call arbitrary functions; and (3) there are no common scenarios in which sensitive information, which is not already accessible to an adversary, becomes accessible through this bug. | ||||
| CVE-2023-36632 | 1 Python | 1 Python | 2024-08-02 | 7.5 High |
| The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or email.parser.Parser class. NOTE: the vendor's perspective is that this is neither a vulnerability nor a bug. The email package is intended to have size limits and to throw an exception when limits are exceeded; they were exceeded by the example demonstration code. | ||||