Known Vulnerabilities for products from Python Software Foundation
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Python Software Foundation".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2008-5983 | Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions,... | 6.9 - MEDIUM | 2009-01-28 | 2023-11-07 |
| CVE-2008-4864 | Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers... | 7.5 - HIGH | 2008-11-01 | 2022-07-05 |
| CVE-2008-4108 | Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arb... | 7.2 - HIGH | 2008-09-18 | 2017-08-08 |
| CVE-2008-3144 | Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-de... | 5 - MEDIUM | 2008-08-01 | 2023-08-02 |
| CVE-2008-3143 | Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vecto... | 7.5 - HIGH | 2008-08-01 | 2023-08-02 |
| CVE-2008-3142 | Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial ... | 7.5 - HIGH | 2008-08-01 | 2022-07-05 |
| CVE-2008-2316 | Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers ... | 7.5 - HIGH | 2008-08-01 | 2023-08-02 |
| CVE-2008-2315 | Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vector... | 7.5 - HIGH | 2008-08-01 | 2023-08-02 |
| CVE-2008-1887 | Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negat... | 9.3 - HIGH | 2008-04-18 | 2022-06-27 |
| CVE-2008-1721 | Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrar... | 7.5 - HIGH | 2008-04-10 | 2022-07-05 |
| CVE-2008-1679 | Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service... | 6.8 - MEDIUM | 2008-04-22 | 2023-08-02 |
| CVE-2008-0299 | common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allo... | 4.3 - MEDIUM | 2008-01-16 | 2017-08-08 |
| CVE-2007-4965 | Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a den... | 5.8 - MEDIUM | 2007-09-18 | 2023-08-02 |
| CVE-2007-4559 | Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user... | 6.8 - MEDIUM | 2007-08-28 | 2024-03-16 |
| CVE-2007-2052 | Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffe... | 5 - MEDIUM | 2007-04-16 | 2023-08-02 |
| CVE-2007-1657 | Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent a... | 7.5 - HIGH | 2007-03-24 | 2018-10-16 |
| CVE-2006-4980 | Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a ... | 7.5 - HIGH | 2006-10-10 | 2023-08-02 |
| CVE-2006-1542 | Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows lo... | 3.7 - LOW | 2006-03-30 | 2023-08-02 |
| CVE-2005-0089 | The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the reg... | 7.5 - HIGH | 2005-05-02 | 2023-08-02 |
| CVE-2004-0150 | Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attacker... | 7.5 - HIGH | 2004-04-15 | 2023-08-02 |