| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-0450 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | An issue was found in the CPython `zipfile` module affecting versions ... |
| CVE-2023-40217 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, ... |
| CVE-2023-27043 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | The email module of Python through 3.11.3 incorrectly parses e-mail ad ... |
| CVE-2023-24329 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | An issue in the urllib.parse component of Python before 3.11.4 allows ... |
| CVE-2023-6597 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | An issue was found in the CPython `tempfile.TemporaryDirectory` class ... |
| CVE-2022-48566 | vulnerable | fixed | fixed | fixed | fixed | An issue was discovered in compare_digest in Lib/hmac.py in Python thr ... |
| CVE-2022-48565 | vulnerable | fixed | fixed | fixed | fixed | An XML External Entity (XXE) issue was discovered in Python through 3. ... |
| CVE-2022-48564 | vulnerable | fixed | fixed | fixed | fixed | read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ... |
| CVE-2022-45061 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | An issue was discovered in Python before 3.11.1. An unnecessary quadra ... |
| CVE-2022-42919 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows lo ... |
| CVE-2022-0391 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in Python, specifically within the urllib.parse modul ... |
| CVE-2021-29921 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In Python before 3,9,5, the ipaddress library mishandles leading zero ... |
| CVE-2021-23336 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and be ... |
| CVE-2021-4189 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in Python, specifically in the FTP (File Transfer Pro ... |
| CVE-2021-3737 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in python. An improperly handled HTTP response in the ... |
| CVE-2021-3733 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker ... |
| CVE-2021-3426 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | There's a flaw in Python 3's pydoc. A local or adjacent attacker who d ... |
| CVE-2020-27619 | vulnerable | fixed | fixed | fixed | fixed | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ... |
| CVE-2020-26116 | vulnerable | fixed | fixed | fixed | fixed | http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ... |
| CVE-2020-10735 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in python. In algorithms with quadratic time complexi ... |
| CVE-2019-20907 | vulnerable | fixed | fixed | fixed | fixed | In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ... |