CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-48560 – python: use after free in heappushpop() of heapq module
https://notcve.org/view.php?id=CVE-2022-48560
22 Aug 2023 — A use-after-free exists in Python through 3.9 via heappushpop in heapq. A use-after-free vulnerability was found in Python via the heappushpop function in the heapq module. This flaw allows an attacker to submit a specially crafted request, causing a service disruption that leads to a denial of service attack. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. • https://bugs.python.org/issue39421 • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 1CVE-2022-48566 – Ubuntu Security Notice USN-6891-1
https://notcve.org/view.php?id=CVE-2022-48566
22 Aug 2023 — An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. • https://bugs.python.org/issue40791 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 4%CPEs: 5EXPL: 2CVE-2022-48565 – python: XML External Entity in XML processing plistlib module
https://notcve.org/view.php?id=CVE-2022-48565
22 Aug 2023 — An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. A flaw was found in Python caused by improper handling of XML external entity (XXE) declarations by the plistlib module. By using a specially crafted XML content, an attacker could obtain sensitive information by disclosing files specified by parsing URI, and may cause denial of service by resource exhaustion. It was discovered ... • https://github.com/Einstein2150/CVE-2022-48565-POC • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38898
https://notcve.org/view.php?id=CVE-2023-38898
15 Aug 2023 — An issue in Python cpython v.3.7 allows an attacker to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) there are no common scenarios in which an adversary can call _asyncio._swap_current_task but does not already have the ability to call arbitrary functions; and (3) there are no common scenarios in which sensitive information, which is not al... • https://github.com/python/cpython/issues/105987 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36632
https://notcve.org/view.php?id=CVE-2023-36632
25 Jun 2023 — The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from an application's input data that was supposed to contain a name and an e-mail address. NOTE: email.utils.parseaddr is categorized as a Legacy API in the documentation of the Python email package. Applications should instead use the email.parser.BytesParser or e... • https://docs.python.org/3/library/email.html • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33595
https://notcve.org/view.php?id=CVE-2023-33595
07 Jun 2023 — CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c. • https://github.com/python/cpython/issues/103824 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27043 – python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
https://notcve.org/view.php?id=CVE-2023-27043
18 Apr 2023 — The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. USN-7015-1 fixed... • http://python.org • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-25082 – zwczou WeChat SDK Python to_xml xml external entity reference
https://notcve.org/view.php?id=CVE-2018-25082
21 Mar 2023 — A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. • https://github.com/zwczou/weixin-python/commit/e54abadc777715b6dcb545c13214d1dea63df6c9 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24107
https://notcve.org/view.php?id=CVE-2023-24107
22 Feb 2023 — hour_of_code_python_2015 commit 520929797b9ca43bb818b2e8f963fb2025459fa3 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code. • https://github.com/jminh/hour_of_code_python_2015 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 5CVE-2023-24329 – python: urllib.parse url blocklisting bypass
https://notcve.org/view.php?id=CVE-2023-24329
17 Feb 2023 — An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity. Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containeri... • https://github.com/JawadPy/CVE-2023-24329-Exploit • CWE-20: Improper Input Validation •