| Bug | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2025-0938 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | The Python standard library functions `urllib.parse.urlsplit` and `url ... |
| CVE-2024-5642 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | CPython 3.9 and earlier doesn't disallow configuring an empty list ("[ ... |
| CVE-2024-0397 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | A defect was discovered in the Python \u201cssl\u201d module where the ... |
| CVE-2022-42919 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows lo ... |
| Bug | Description |
|---|
| CVE-2024-9287 | A vulnerability has been found in the CPython `venv` module and CLI wh ... |
| CVE-2024-0450 | An issue was found in the CPython `zipfile` module affecting versions ... |
| CVE-2023-40217 | An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, ... |
| CVE-2023-27043 | The email module of Python through 3.11.3 incorrectly parses e-mail ad ... |
| CVE-2023-24329 | An issue in the urllib.parse component of Python before 3.11.4 allows ... |
| CVE-2023-6597 | An issue was found in the CPython `tempfile.TemporaryDirectory` class ... |
| CVE-2022-48566 | An issue was discovered in compare_digest in Lib/hmac.py in Python thr ... |
| CVE-2022-48565 | An XML External Entity (XXE) issue was discovered in Python through 3. ... |
| CVE-2022-48564 | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ... |
| CVE-2022-45061 | An issue was discovered in Python before 3.11.1. An unnecessary quadra ... |
| CVE-2022-37454 | The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ... |
| CVE-2022-0391 | A flaw was found in Python, specifically within the urllib.parse modul ... |
| CVE-2021-29921 | In Python before 3,9,5, the ipaddress library mishandles leading zero ... |
| CVE-2021-28861 | Python 3.x through 3.10 has an open redirection vulnerability in lib/h ... |
| CVE-2021-23336 | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and be ... |
| CVE-2021-4189 | A flaw was found in Python, specifically in the FTP (File Transfer Pro ... |
| CVE-2021-3737 | A flaw was found in python. An improperly handled HTTP response in the ... |
| CVE-2021-3733 | There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker ... |
| CVE-2021-3426 | There's a flaw in Python 3's pydoc. A local or adjacent attacker who d ... |
| CVE-2020-29651 | A denial of service via regular expression in the py.path.svnwc compon ... |
| CVE-2020-27619 | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ... |
| CVE-2020-26116 | http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ... |
| CVE-2020-10735 | A flaw was found in python. In algorithms with quadratic time complexi ... |
| CVE-2019-20907 | In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ... |