Python Security Vulnerabilities

The Status of Python branches page lists the Python branches that still receive security fixes.

Total: 95 vulnerabilities.

| Vulnerability | Disclosure | Fixed In | Vulnerable | CVE |
|---|---|---|---|---|
| Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple | 2023-03-24 | | 3.10, 3.7, 3.8, 3.9 | CVE-2023-27043 |
| urlparse does not correctly handle schemes | 2022-11-12 | 3.11.1 | 3.10, 3.7, 3.8, 3.9 | CVE-2023-24329 |
| Buffer overflow in the _sha3 module in Python 3.10 and older | 2022-10-21 | 3.7.16, 3.8.16, 3.9.16, 3.10.9 | | CVE-2022-37454 |
| Slow IDNA decoding with large strings | 2022-10-19 | 3.7.16, 3.8.16, 3.9.16, 3.10.9, 3.11.1 | | CVE-2022-45061 |
| Linux specific local privilege escalation via the multiprocessing forkserver start method | 2022-09-23 | 3.9.16, 3.10.9, 3.11.0 | | CVE-2022-42919 |
| Prevent DoS by large str-int conversions | 2022-08-08 | 3.7.14, 3.8.14, 3.9.14, 3.10.7, 3.11.0 | | CVE-2020-10735 |
| Windows: vulnerable zlib 1.2.11 | 2022-04-01 | 3.7.14, 3.8.14, 3.9.13, 3.10.5 | | CVE-2018-25032 |
| Windows: vulnerable bzip2 1.0.6 | 2021-07-02 | 3.7.13, 3.8.13, 3.9.11, 3.10.3 | | CVE-2016-3189, CVE-2019-12900 |
| CVE-2013-0340 Billion Laughs fixed in Expat 2.4.0 | 2021-06-11 | 3.6.15, 3.7.12, 3.8.12, 3.9.7, 3.10.0 | | CVE-2013-0340 |
| CVE-2021-3737: urllib HTTP client possible infinite loop on a 100 Continue response | 2021-05-03 | 3.6.14, 3.7.11, 3.8.11, 3.9.6, 3.10.0 | | CVE-2021-3737 |
| urllib.parse should sanitize urls containing ASCII newline and tabs | 2021-04-18 | 3.6.14, 3.7.11, 3.8.11, 3.9.5, 3.10.0 | | CVE-2022-0391 |
| ipaddress leading zeros in IPv4 address | 2021-03-30 | 3.8.12, 3.9.5, 3.10.0 | | CVE-2021-29921 |
| ftplib should not use the host from the PASV response | 2021-02-21 | 3.6.14, 3.7.11, 3.8.9, 3.9.3, 3.10.0 | | |
| http.server: Open Redirection if the URL path starts with // | 2021-02-14 | 3.7.14, 3.8.14, 3.9.14, 3.10.6, 3.11.0 | | CVE-2021-28861 |
| CVE-2021-3733: ReDoS in urllib.request | 2021-01-30 | 3.6.14, 3.7.11, 3.8.10, 3.9.5, 3.10.0 | | CVE-2021-3733 |
| Information disclosure via pydoc getfile | 2021-01-21 | 3.6.14, 3.7.11, 3.8.9, 3.9.3, 3.10.0 | | CVE-2021-3426 |
| urllib parse_qsl(): Web cache poisoning - semicolon as a query args separator | 2021-01-19 | 3.6.13, 3.7.10, 3.8.8, 3.9.2, 3.10.0 | | CVE-2021-23336 |
| ctypes: Buffer overflow in PyCArg_repr | 2021-01-16 | 3.6.13, 3.7.10, 3.8.8, 3.9.2, 3.10.0 | | CVE-2021-3177 |
| CJK codecs tests call eval() on content retrieved via HTTP | 2020-10-05 | 3.6.13, 3.7.10, 3.8.7, 3.9.1, 3.10.0 | | CVE-2020-27619 |
| [CVE-2020-14422] Hash collisions in IPv4Interface and IPv6Interface | 2020-06-17 | 3.5.10, 3.6.12, 3.7.9, 3.8.4, 3.9.0 | | CVE-2020-14422 |
| http.client: HTTP Header Injection in the HTTP method | 2020-02-10 | 3.5.10, 3.6.12, 3.7.9, 3.8.5, 3.9.0 | | CVE-2020-26116 |
| CVE-2020-8315: Unsafe DLL loading in getpathp.c on Windows 7 | 2020-01-21 | 3.6.11, 3.7.7, 3.8.2, 3.9.0 | | CVE-2020-8315 |
| Email header injection in Address objects | 2019-12-17 | 3.5.10, 3.6.11, 3.7.8, 3.8.4, 3.9.0 | | |
| Infinite loop in tarfile module while opening a crafted file | 2019-12-10 | 3.5.10, 3.6.12, 3.7.9, 3.8.5, 3.9.0 | | CVE-2019-20907 |
| Remove newline characters from uu encoding methods | 2019-11-30 | 2.7.18, 3.5.10, 3.6.10, 3.7.6, 3.8.1, 3.9.0 | | |
| urllib basic auth regex denial of service | 2019-11-17 | 3.5.10, 3.6.11, 3.7.8, 3.8.3, 3.9.0 | | CVE-2020-8492 |
| Regular Expression Denial of Service in http.cookiejar | 2019-11-14 | 2.7.18, 3.5.10, 3.6.10, 3.7.6, 3.8.1, 3.9.0 | | |
| CVE-2019-18348: CRLF injection via the host part of the url passed to urlopen() | 2019-10-24 | 2.7.18, 3.5.10, 3.6.11, 3.7.8, 3.8.3, 3.9.0 | | CVE-2019-18348 |
| Reflected XSS in DocXMLRPCServer | 2019-09-21 | 2.7.17, 3.5.8, 3.6.10, 3.7.5, 3.8.0 | | CVE-2019-16935 |
| ssl.match_hostname() ignores extra string after whitespace in IPv4 address | 2019-07-01 | 3.7.4, 3.8.0 | | |
| urlsplit does not handle NFKC normalization (second fix) | 2019-04-27 | 2.7.17, 3.5.8, 3.6.9, 3.7.4, 3.8.0 | | CVE-2019-10160 |
| urlsplit does not handle NFKC normalization | 2019-03-06 | 2.7.17, 3.5.7, 3.6.9, 3.7.3, 3.8.0 | | CVE-2019-9636 |
| urllib module local_file:// scheme | 2019-02-06 | 2.7.17, 3.5.8, 3.6.9, 3.7.4, 3.8.0 | | CVE-2019-9948 |
| TALOS-2018-0758 SSL CRL distribution points Denial of Service | 2019-01-15 | 2.7.16, 3.4.10, 3.5.7, 3.6.9, 3.7.3, 3.8.0 | | CVE-2019-5010 |
| http.cookiejar: Incorrect validation of path | 2019-01-03 | 2.7.17, 3.4.10, 3.5.7, 3.6.9, 3.7.3, 3.8.0 | | |
| xml package does not obey ignore_environment | 2018-09-24 | 2.7.16, 3.4.10, 3.5.7, 3.6.8, 3.7.2, 3.8.0 | | |
| pickle.load denial of service | 2018-09-13 | 3.4.10, 3.5.7, 3.6.7, 3.7.1, 3.8.0 | | CVE-2018-20406 |
| _elementtree C accelerator doesn't call XML_SetHashSalt() | 2018-09-10 | 2.7.16, 3.4.10, 3.5.7, 3.6.7, 3.7.1, 3.8.0 | | CVE-2018-14647 |
| email.utils.parseaddr mistakenly parses an email | 2018-07-19 | 2.7.17, 3.5.8, 3.6.10, 3.7.5, 3.8.0 | | CVE-2019-16056 |
| Email folding function Denial-of-Service | 2018-05-16 | 3.6.9, 3.7.4, 3.8.0 | | |
| Buffer overflow vulnerability in os.symlink on Windows | 2018-03-05 | 3.4.9, 3.5.6, 3.6.5, 3.7.0 | | CVE-2018-1000117 |
| difflib and poplib catastrophic backtracking | 2018-03-02 | 2.7.15, 3.4.9, 3.5.6, 3.6.5, 3.7.0 | | CVE-2018-1060, CVE-2018-1061 |
| Python 2.7 readahead is not thread safe | 2017-09-20 | 2.7.15 | | CVE-2018-1000030 |
| Expat 2.2.3 | 2017-07-17 | 2.7.14, 3.3.7, 3.4.8, 3.5.5, 3.6.3, 3.7.0 | | |
| Environment variables injection in subprocess on Windows | 2017-06-22 | 2.7.14, 3.3.7, 3.4.7, 3.5.4, 3.6.2, 3.7.0 | | |
| Expat 2.2.1 | 2017-06-17 | 2.7.14, 3.3.7, 3.4.7, 3.5.4, 3.6.2, 3.7.0 | | CVE-2012-0876, CVE-2016-0718, CVE-2016-9063, CVE-2017-9233 |
| PyString_DecodeEscape integer overflow | 2017-06-13 | 2.7.14, 3.4.8, 3.5.5 | | CVE-2017-1000158 |
| bpo-30500: urllib connects to a wrong host | 2017-05-29 | 2.7.14, 3.3.7, 3.4.7, 3.5.4, 3.6.2, 3.7.0 | | |
| HTTP Header Injection (follow-up of CVE-2016-5699) | 2017-05-24 | 2.7.17, 3.5.8, 3.6.9, 3.7.4, 3.8.0 | | CVE-2019-9740, CVE-2019-9947 |
| Py_SetPath(): _Py_CheckPython3 uses uninitialized DLL path | 2017-03-10 | 3.5.10, 3.6.12, 3.7.9, 3.8.4, 3.9.0 | | CVE-2020-15523 |
| urllib FTP protocol stream injection | 2017-02-20 | 2.7.14, 3.3.7, 3.4.7, 3.5.4, 3.6.3, 3.7.0 | | |
| Expat 2.2 (Expat bug #537) | 2017-02-17 | 2.7.14, 3.3.7, 3.4.7, 3.5.4, 3.6.2, 3.7.0 | | CVE-2016-0718, CVE-2016-4472 |
| Zlib 1.2.11 | 2017-01-05 | 2.7.14, 3.4.8, 3.5.4, 3.6.1, 3.7.0 | | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843 |
| gettext.c2py() | 2016-10-30 | 2.7.13, 3.3.7, 3.4.6, 3.5.3, 3.6.0 | | |
| Sweet32 attack (DES, 3DES) | 2016-08-24 | 2.7.13, 3.4.7, 3.5.3, 3.6.0 | | CVE-2016-2183 |
| HTTPoxy attack | 2016-07-18 | 2.7.13, 3.3.7, 3.4.6, 3.5.3, 3.6.0 | | CVE-2016-1000110 |
| smtplib TLS stripping | 2016-06-11 | 2.7.12, 3.3.7, 3.4.5, 3.5.2, 3.6.0 | | CVE-2016-0772 |
| Issue #26657: HTTP server directory traversal | 2016-03-28 | 2.7.12, 3.3.7, 3.4.7, 3.5.2, 3.6.0 | | |
| Issue #26556: Expat 2.1.1 | 2016-03-14 | 2.7.12, 3.3.7, 3.4.5, 3.5.2, 3.6.0 | | CVE-2015-1283 |
| zipimporter overflow | 2016-01-21 | 2.7.12, 3.3.7, 3.4.5, 3.5.2, 3.6.0 | | CVE-2016-5636 |
| mailcap shell command injection | 2015-08-02 | 3.7.16, 3.8.16, 3.9.16, 3.10.8, 3.11.0 | | CVE-2015-20107 |
| HTTP header injection | 2014-11-24 | 2.7.10, 3.3.7, 3.4.4, 3.5.0 | | CVE-2016-5699 |
| Validate TLS certificate | 2014-08-28 | 2.7.9, 3.4.3, 3.5.0 | | CVE-2014-9365 |
| buffer() integer overflows | 2014-06-24 | 2.7.8 | | CVE-2014-7185 |
| JSONDecoder.raw_decode | 2014-04-13 | 2.7.7, 3.2.6, 3.3.6, 3.4.1, 3.5.0 | | CVE-2014-4616 |
| os.makedirs() not thread-safe | 2014-03-28 | 3.2.6, 3.3.6, 3.4.1, 3.5.0 | | CVE-2014-2667 |
| socket.recvfrom_into() overflow | 2014-01-14 | 2.7.7, 3.2.6, 3.3.4, 3.4.0 | | CVE-2014-1912 |
| zipfile DoS using invalid file size | 2013-12-27 | 3.3.4, 3.4.0 | | CVE-2013-7338 |
| CGI directory traversal (URL parsing) | 2013-10-29 | 2.7.6, 3.2.6, 3.3.4, 3.4.0 | | |
| ssl: NULL in subjectAltNames | 2013-06-27 | 2.6.9, 2.7.6, 3.2.6, 3.3.3, 3.4.0 | | CVE-2013-4238 |
| ssl.match_hostname() IDNA issue | 2013-05-17 | 3.3.3, 3.4.0 | | CVE-2013-7440 |
| ssl.match_hostname() wildcard DoS | 2013-05-15 | 3.2.6, 3.3.3, 3.4.0 | | CVE-2013-2099 |
| Limit imaplib.IMAP4_SSL.readline() | 2012-09-25 | 2.7.16 | | CVE-2013-1752 |
| ftplib unlimited read | 2012-09-25 | 2.7.6, 3.2.6, 3.3.3, 3.4.0 | | CVE-2013-1752 |
| nntplib unlimited read | 2012-09-25 | 2.6.9, 2.7.6, 3.2.6, 3.3.7, 3.4.3, 3.5.0 | | CVE-2013-1752 |
| poplib unlimited read | 2012-09-25 | 2.7.9, 3.2.6, 3.3.7, 3.4.3, 3.5.0 | | CVE-2013-1752 |
| smtplib unlimited read | 2012-09-25 | 2.7.9, 3.2.6, 3.3.7, 3.4.3, 3.5.0 | | CVE-2013-1752 |
| xmlrpc gzip unlimited read | 2012-09-25 | 2.7.9, 3.3.7, 3.4.3, 3.5.0 | | CVE-2013-1753 |
| Hash function not randomized properly | 2012-04-19 | 3.4.0 | | CVE-2013-7040 |
| Vulnerability in the utf-16 decoder after error handling | 2012-04-14 | 2.7.4, 3.2.4, 3.3.0 | | CVE-2012-2135 |
| XML-RPC DoS | 2012-02-13 | 2.6.8, 2.7.3, 3.1.5, 3.2.3, 3.3.0 | | CVE-2012-0845 |
| ssl CBC IV attack | 2012-01-27 | 2.6.8, 2.7.3, 3.1.5, 3.2.3, 3.3.0 | | CVE-2011-3389 |
| Hash DoS | 2011-12-28 | 2.6.8, 2.7.3, 3.1.5, 3.2.3, 3.3.0 | | CVE-2012-1150 |
| pypirc created insecurely | 2011-11-30 | 2.7.4, 3.2.4, 3.3.1, 3.4.0 | | CVE-2011-4944 |
| urllib redirect | 2011-03-24 | 2.5.6, 2.6.7, 2.7.2, 3.1.4, 3.2.1, 3.3.0 | | CVE-2011-1521 |
| SimpleHTTPServer UTF-7 | 2011-03-08 | 2.5.6, 2.6.7, 2.7.2, 3.2.4, 3.3.1, 3.4.0 | | CVE-2011-4940 |
| audioop integer overflows | 2010-05-10 | 2.6.6, 2.7.0, 3.1.3, 3.2.0 | | CVE-2010-1634 |
| audioop input validation | 2010-01-11 | 2.6.6, 2.7.2, 3.1.3, 3.2.0 | | CVE-2010-2089 |
| httplib unlimited read | 2009-08-28 | 2.7.2, 3.1.4, 3.2.0 | | CVE-2013-1752 |
| smtpd accept bug and race condition | 2009-08-14 | 2.7.1, 3.1.3, 3.2.0 | | CVE-2010-3492, CVE-2010-3493 |
| Multiple integer overflows (Apple) | 2008-07-31 | 2.6.0, 3.0.0 | | CVE-2008-1679, CVE-2008-1721, CVE-2008-1887, CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3144, CVE-2008-4864 |
| Multiple integer overflows (Google) | 2008-04-11 | 2.5.3, 2.6.0, 3.0.0 | | CVE-2008-3143 |
| expandtab() integer overflow | 2008-03-11 | 2.5.3, 2.6.0, 3.0.0 | | CVE-2008-5031 |
| CGI directory traversal (is_cgi() function) | 2008-03-07 | 2.7.0, 3.2.4, 3.3.1, 3.4.0 | | CVE-2011-1015 |
| rgbimg and imageop overflows | 2007-09-16 | 2.5.3, 2.6.0 | | CVE-2007-4965, CVE-2009-4134, CVE-2010-1449, CVE-2010-1450 |