Search CVE reports

Toggle filters

201 – 210 of 828 results

CVE-2024-3220

Negligible priority
Not affected

There is a defect in the CPython standard library module “mimetypes” where on Windows the default list of known file locations are writable meaning other users can create invalid files to cause MemoryError to be raised on Python...

11 affected packages

python2.7, python3.10, python3.11, python3.12, python3.13...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python2.7 Not in release Not affected Not affected Not affected
python3.10 Not in release Not affected Not in release
python3.11 Not in release Not affected Not in release
python3.12 Not affected Not in release Not in release
python3.13 Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release
python3.6 Not in release Not in release Not in release Not affected
python3.7 Not in release Not in release Not in release Not affected
python3.8 Not in release Not in release Not affected Not affected
python3.9 Not in release Not in release Not affected
Show all 11 packages Show less packages

CVE-2025-0938

Medium priority

Some fixes available 18 of 25

The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for...

12 affected packages

pypy3, python2.7, python3.4, python3.5, python3.6...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pypy3 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
python2.7 Not in release Not in release Fixed Fixed Fixed
python3.4 Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not in release
python3.6 Not in release Not in release Not in release Not in release Fixed
python3.7 Not in release Not in release Not in release Not in release Fixed
python3.8 Not in release Not in release Not in release Fixed Fixed
python3.9 Not in release Not in release Not in release Fixed
python3.10 Not in release Not in release Fixed Not in release
python3.11 Not in release Not in release Fixed Not in release
python3.12 Not in release Fixed Not in release Not in release
python3.13 Not in release Not in release Not in release Not in release
Show all 12 packages Show less packages

CVE-2025-24359

Medium priority
Needs evaluation

ASTEVAL is an evaluator of Python expressions and statements. Prior to version 1.0.6, if an attacker can control the input to the `asteval` library, they can bypass asteval's restrictions and execute arbitrary Python code in the...

1 affected package

python-asteval

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-asteval Not affected Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2025-22153

Medium priority
Fixed

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11...

1 affected package

restrictedpython

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
restrictedpython Not affected Fixed Not affected Not affected Not affected
Show less packages

CVE-2025-21548

Medium priority
Needs evaluation

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network...

1 affected package

mysql-connector-python

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mysql-connector-python Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-56374

Medium priority

Some fixes available 8 of 10

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential...

1 affected package

python-django

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-9774

Medium priority
Needs evaluation

A vulnerability was found in python-sql where unary operators do not escape non-Expression.

1 affected package

python-sql

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-sql Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-12254

Medium priority

Some fixes available 2 of 3

Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because...

11 affected packages

python3.11, python3.12, python3.13, python3.9, python2.7...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python3.11 Not in release Not affected Not in release Not in release
python3.12 Fixed Not in release Not in release Not in release
python3.13 Not in release Not in release Not in release Not in release
python3.9 Not in release Not in release Not affected Not in release
python2.7 Not in release Not affected Not affected Not affected
python3.4 Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not in release
python3.6 Not in release Not in release Not in release Not affected
python3.7 Not in release Not in release Not in release Not affected
python3.8 Not in release Not in release Not affected Not affected
python3.10 Not in release Not affected Not in release Not in release
Show all 11 packages Show less packages

CVE-2024-53908

Medium priority
Fixed

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection...

1 affected package

python-django

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django Fixed Not affected Not affected Not affected
Show less packages

CVE-2024-53907

Medium priority

Some fixes available 9 of 10

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing...

1 affected package

python-django

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django Fixed Fixed Fixed Fixed Fixed
Show less packages
  1. Previous page
  2. 19
  3. 20
  4. 21
  5. 22
  6. 23
  7. Next page
Export to JSON