| Max CVSS | 6.4 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-20907 | 5.0 |
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
|
24-05-2023 - 21:15 | 13-07-2020 - 13:15 | |
| CVE-2020-26116 | 6.4 |
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
|
24-05-2023 - 21:15 | 27-09-2020 - 04:15 | |
| CVE-2020-14422 | 4.3 |
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary
|
16-05-2023 - 02:15 | 18-06-2020 - 14:15 | |
| CVE-2020-26116 | 5.0 |
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
|
27-09-2020 - 22:01 | 27-09-2020 - 04:15 | |
| CVE-2020-26116 | 5.0 |
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
|
27-09-2020 - 22:01 | 27-09-2020 - 04:15 |