Information on source package python3.5

Available versions

ReleaseVersion
stretch3.5.3-1+deb9u9
stretch (security)3.5.3-1+deb9u5

Open issues

BugstretchDescription
CVE-2023-27043vulnerable (no DSA, postponed)The email module of Python through 3.11.3 incorrectly parses e-mail ad ...
CVE-2023-24329vulnerable (no DSA, ignored)An issue in the urllib.parse component of Python before 3.11.4 allows ...
CVE-2022-0391vulnerable (no DSA, ignored)A flaw was found in Python, specifically within the urllib.parse modul ...
CVE-2020-10735vulnerable (no DSA, ignored)A flaw was found in python. In algorithms with quadratic time complexi ...

Open unimportant issues

BugstretchDescription
CVE-2023-24535vulnerableParsing invalid messages can panic. Parsing a text-format message whic ...
CVE-2021-28861vulnerablePython 3.x through 3.10 has an open redirection vulnerability in lib/h ...
CVE-2020-27619vulnerableIn Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ...
CVE-2019-9674vulnerableLib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ...
CVE-2017-17522vulnerableLib/webbrowser.py in Python through 3.6.3 does not validate strings be ...

Resolved issues

BugDescription
CVE-2024-0450An issue was found in the CPython `zipfile` module affecting versions ...
CVE-2023-41105An issue was discovered in Python 3.11 through 3.11.4. If a path conta ...
CVE-2023-40217An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, ...
CVE-2023-38898An issue in Python cpython v.3.7 allows an attacker to obtain sensitiv ...
CVE-2023-33595CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-fre ...
CVE-2023-6507An issue was found in CPython 3.12.0 `subprocess` module on POSIX plat ...
CVE-2022-48566An issue was discovered in compare_digest in Lib/hmac.py in Python thr ...
CVE-2022-48565An XML External Entity (XXE) issue was discovered in Python through 3. ...
CVE-2022-48564read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ...
CVE-2022-48560A use-after-free exists in Python through 3.9 via heappushpop in heapq ...
CVE-2022-45061An issue was discovered in Python before 3.11.1. An unnecessary quadra ...
CVE-2022-42919Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows lo ...
CVE-2022-37454The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ...
CVE-2022-26488In Python before 3.10.3 on Windows, local users can gain privileges be ...
CVE-2021-23336The package python/cpython from 0 and before 3.6.13, from 3.7.0 and be ...
CVE-2021-4189A flaw was found in Python, specifically in the FTP (File Transfer Pro ...
CVE-2021-3737A flaw was found in python. An improperly handled HTTP response in the ...
CVE-2021-3733There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker ...
CVE-2021-3426There's a flaw in Python 3's pydoc. A local or adjacent attacker who d ...
CVE-2021-3177Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctyp ...
CVE-2020-26116http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ...
CVE-2020-15801In Python 3.8.4, sys.path restrictions specified in a python38._pth fi ...
CVE-2020-14422Lib/ipaddress.py in Python through 3.8.3 improperly computes hash valu ...
CVE-2020-8492Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 ...
CVE-2020-8315In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 thr ...
CVE-2019-20907In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ...
CVE-2019-18348An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ...
CVE-2019-16935The documentation XML-RPC server in Python through 2.7.16, 3.x through ...
CVE-2019-16056An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3 ...
CVE-2019-10160A security regression of CVE-2019-9636 was discovered in python since ...
CVE-2019-9948urllib in Python 2.x through 2.7.16 supports the local_file: scheme, w ...
CVE-2019-9947An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...
CVE-2019-9740An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...
CVE-2019-9636Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Impr ...
CVE-2019-5010An exploitable denial-of-service vulnerability exists in the X509 cert ...
CVE-2018-1000802Python Software Foundation Python (CPython) version 2.7 contains a CWE ...
CVE-2018-1000117Python Software Foundation CPython version From 3.2 until 3.6.4 on Win ...
CVE-2018-1000030Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Hea ...
CVE-2018-20852http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py ...
CVE-2018-20406Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...
CVE-2018-14647Python's elementtree C accelerator failed to initialise Expat's hash s ...
CVE-2018-1061python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...
CVE-2018-1060python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...
CVE-2017-1000158CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow ...
CVE-2016-1000110The CGIHandler class in Python before 2.7.12 does not protect against ...
CVE-2016-5699CRLF injection vulnerability in the HTTPConnection.putheader function ...
CVE-2016-5636Integer overflow in the get_data function in zipimport.c in CPython (a ...
CVE-2016-0772The smtplib library in CPython (aka Python) before 2.7.12, 3.x before ...
CVE-2015-20107In Python (aka CPython) up to 3.10.8, the mailcap module does not add ...

Security announcements

DSA / DLADescription
ELA-1066-1python3.5 - security update
ELA-997-1python3.5 - security update
ELA-884-1python3.5 - security update
DLA-2808-1python3.5 - security update
DLA-2619-1python3.5 - security update
DLA-2456-1python3.5 - security update
DLA-2280-1python3.5 - security update
DSA-4307-1python3.5 - security update

Search for package or bug name: Reporting problems