Max CVSS | 6.4 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-9947 | 4.3 |
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (sp
|
16-08-2022 - 13:00 | 23-03-2019 - 18:29 | |
CVE-2019-9740 | 4.3 |
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (sp
|
16-08-2022 - 13:00 | 13-03-2019 - 03:29 | |
CVE-2019-5010 | 5.0 |
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can ini
|
28-07-2022 - 11:23 | 31-10-2019 - 21:15 | |
CVE-2019-9948 | 6.4 |
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call
|
30-06-2022 - 17:14 | 23-03-2019 - 18:29 | |
CVE-2018-14647 | 5.0 |
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions
|
29-07-2020 - 12:15 | 25-09-2018 - 00:29 |