Information on source package python3.7

Available versions

ReleaseVersion
buster3.7.3-2+deb10u9
buster (security)3.7.3-2+deb10u7

Open issues

BugbusterDescription
CVE-2024-5642vulnerable (no DSA, ignored)CPython 3.9 and earlier doesn't disallow configuring an empty list ("[ ...
CVE-2023-24329vulnerable (no DSA, ignored)An issue in the urllib.parse component of Python before 3.11.4 allows ...
CVE-2022-0391vulnerable (no DSA, ignored)A flaw was found in Python, specifically within the urllib.parse modul ...
CVE-2021-23336vulnerable (no DSA, ignored)The package python/cpython from 0 and before 3.6.13, from 3.7.0 and be ...

Open unimportant issues

BugbusterDescription
CVE-2021-28861vulnerablePython 3.x through 3.10 has an open redirection vulnerability in lib/h ...
CVE-2020-27619vulnerableIn Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ...
CVE-2019-18348vulnerableAn issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ...
CVE-2019-9674vulnerableLib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ...
CVE-2017-17522vulnerableLib/webbrowser.py in Python through 3.6.3 does not validate strings be ...

Resolved issues

BugDescription
CVE-2024-11168The urllib.parse.urlsplit() and urlparse() functions improperly valida ...
CVE-2024-9287A vulnerability has been found in the CPython `venv` module and CLI wh ...
CVE-2024-8088There is a HIGH severity vulnerability affecting the CPython "zipfile" ...
CVE-2024-7592There is a LOW severity vulnerability affecting CPython, specifically ...
CVE-2024-6923There is a MEDIUM severity vulnerability affecting CPython. The emai ...
CVE-2024-6232There is a MEDIUM severity vulnerability affecting CPython. Regul ...
CVE-2024-4032The \u201cipaddress\u201d module contained incorrect information about ...
CVE-2024-4030On Windows a directory returned by tempfile.mkdtemp() would not always ...
CVE-2024-3219The \u201csocket\u201d module provides a pure-Python fallback to the ...
CVE-2024-0450An issue was found in the CPython `zipfile` module affecting versions ...
CVE-2024-0397A defect was discovered in the Python \u201cssl\u201d module where the ...
CVE-2023-41105An issue was discovered in Python 3.11 through 3.11.4. If a path conta ...
CVE-2023-40217An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, ...
CVE-2023-38898An issue in Python cpython v.3.7 allows an attacker to obtain sensitiv ...
CVE-2023-33595CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-fre ...
CVE-2023-27043The email module of Python through 3.11.3 incorrectly parses e-mail ad ...
CVE-2023-6597An issue was found in the CPython `tempfile.TemporaryDirectory` class ...
CVE-2023-6507An issue was found in CPython 3.12.0 `subprocess` module on POSIX plat ...
CVE-2022-48566An issue was discovered in compare_digest in Lib/hmac.py in Python thr ...
CVE-2022-48565An XML External Entity (XXE) issue was discovered in Python through 3. ...
CVE-2022-48564read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ...
CVE-2022-48560A use-after-free exists in Python through 3.9 via heappushpop in heapq ...
CVE-2022-45061An issue was discovered in Python before 3.11.1. An unnecessary quadra ...
CVE-2022-42919Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows lo ...
CVE-2022-37454The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ...
CVE-2022-26488In Python before 3.10.3 on Windows, local users can gain privileges be ...
CVE-2021-4189A flaw was found in Python, specifically in the FTP (File Transfer Pro ...
CVE-2021-3737A flaw was found in python. An improperly handled HTTP response in the ...
CVE-2021-3733There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker ...
CVE-2021-3426There's a flaw in Python 3's pydoc. A local or adjacent attacker who d ...
CVE-2021-3177Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctyp ...
CVE-2020-26116http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ...
CVE-2020-15801In Python 3.8.4, sys.path restrictions specified in a python38._pth fi ...
CVE-2020-14422Lib/ipaddress.py in Python through 3.8.3 improperly computes hash valu ...
CVE-2020-10735A flaw was found in python. In algorithms with quadratic time complexi ...
CVE-2020-8492Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 ...
CVE-2020-8315In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 thr ...
CVE-2019-20907In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ...
CVE-2019-16935The documentation XML-RPC server in Python through 2.7.16, 3.x through ...
CVE-2019-16056An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3 ...
CVE-2019-10160A security regression of CVE-2019-9636 was discovered in python since ...
CVE-2019-9948urllib in Python 2.x through 2.7.16 supports the local_file: scheme, w ...
CVE-2019-9947An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...
CVE-2019-9740An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...
CVE-2019-9636Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Impr ...
CVE-2019-5010An exploitable denial-of-service vulnerability exists in the X509 cert ...
CVE-2018-1000802Python Software Foundation Python (CPython) version 2.7 contains a CWE ...
CVE-2018-1000117Python Software Foundation CPython version From 3.2 until 3.6.4 on Win ...
CVE-2018-1000030Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Hea ...
CVE-2018-20852http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py ...
CVE-2018-20406Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...
CVE-2018-14647Python's elementtree C accelerator failed to initialise Expat's hash s ...
CVE-2018-1061python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...
CVE-2018-1060python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...
CVE-2015-20107In Python (aka CPython) up to 3.10.8, the mailcap module does not add ...

Security announcements

DSA / DLADescription
ELA-1244-1python3.7 - security update
ELA-1135-1python3.7 - security update
DLA-3772-1python3.7 - security update
DLA-3614-1python3.7 - security update
DLA-3477-1python3.7 - security update
DLA-3175-1python3.7 - security update

Search for package or bug name: Reporting problems