Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-9947 | 4.3 |
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (sp
|
16-08-2022 - 13:00 | 23-03-2019 - 18:29 | |
CVE-2019-9740 | 4.3 |
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (sp
|
16-08-2022 - 13:00 | 13-03-2019 - 03:29 | |
CVE-2018-1060 | 5.0 |
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
|
28-07-2022 - 11:31 | 18-06-2018 - 14:29 | |
CVE-2018-14647 | 5.0 |
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions
|
29-07-2020 - 12:15 | 25-09-2018 - 00:29 | |
CVE-2018-1061 | 5.0 |
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
|
03-10-2019 - 00:03 | 19-06-2018 - 12:29 | |
CVE-2016-10745 | 5.0 |
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
|
06-06-2019 - 16:29 | 08-04-2019 - 13:29 |