Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.3.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7338
Python prior to 3.3.4 RC1 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, o...
Python Python 3.3.0
Python Python 3.3.1
Python Python 3.3.2
Python Python 3.3.3
Apple Mac Os X
NA
CVE-2014-2667
Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 up to and including 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before th...
Python Python 3.2.6
Python Python 3.3.0
Python Python 3.4.0
Python Python 3.4.1
Python Python 3.2.0
Python Python 3.2.1
Python Python 3.3.1
Python Python 3.3.2
Python Python 3.4.2
Python Python 3.2.4
Python Python 3.2.5
Python Python 3.3.5
Python Python 3.3.6
Python Python 3.2.2
Python Python 3.2.3
Python Python 3.3.3
Python Python 3.3.4
6.1
CVSSv3
CVE-2016-5699
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) prior to 2.7.10 and 3.x prior to 3.4.4 allows remote malicious users to inject arbitrary HTTP headers via CRLF sequences in a URL.
Python Python
Python Python 3.1.1
Python Python 3.3.2
Python Python 3.0
Python Python 3.0.1
Python Python 3.2.2
Python Python 3.1.0
Python Python 3.2.5
Python Python 3.1.5
Python Python 3.3.6
Python Python 3.4.0
Python Python 3.2.1
Python Python 3.2.0
Python Python 3.3.1
Python Python 3.4.3
Python Python 3.1.2
Python Python 3.3.4
Python Python 3.3.5
Python Python 3.2.3
Python Python 3.2.6
Python Python 3.3.0
Python Python 3.4.2
3 Github repositories
NA
CVE-2013-7040
Python 2.7 prior to 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent malicious users to cause a denial ...
Apple Mac Os X
Python Python 3.3.2
Python Python 3.3.3
Python Python 3.2
Python Python 3.2.5
Python Python 3.1
Python Python 3.0.1
Python Python 2.7.1
Python Python 2.7.5
Python Python 2.7.6
Python Python 3.3
Python Python 3.3.4
Python Python 3.2.0
Python Python 3.2.1
Python Python 3.1.1
Python Python 3.1.2
Python Python 2.7.1150
Python Python 2.7.7
Python Python 3.3.0
Python Python 3.3.5
Python Python 3.2.2
Python Python 3.2.2150
1 Github repository
9.8
CVSSv3
CVE-2019-17626
ReportLab up to and including 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.
Reportlab Reportlab
NA
CVE-2024-33663
python-jose up to and including 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.
NA
CVE-2024-33664
python-jose up to and including 3.3.0 allows malicious users to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319.
NA
CVE-2014-3146
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml prior to 3.3.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
Lxml Lxml
Lxml Lxml 3.3.0
Lxml Lxml 3.2.0
Lxml Lxml 3.1.2
Lxml Lxml 3.0
Lxml Lxml 2.3
Lxml Lxml 2.2.4
Lxml Lxml 2.2.3
Lxml Lxml 2.2.2
Lxml Lxml 2.1.4
Lxml Lxml 2.0.11
Lxml Lxml 2.0.8
Lxml Lxml 2.1
Lxml Lxml 2.0.2
Lxml Lxml 2.0.1
Lxml Lxml 1.3.2
Lxml Lxml 1.3.1
Lxml Lxml 1.0.4
Lxml Lxml 1.0.3
Lxml Lxml 0.7
Lxml Lxml 0.6
Lxml Lxml 3.3.1
1 EDB exploit
8.8
CVSSv3
CVE-2022-32552
Pure Storage FlashArray products running Purity//FA 6.2.0 - 6.2.3, 6.1.0 - 6.1.12, 6.0.0 - 6.0.8, 5.3.0 - 5.3.17, 5.2.x and prior Purity//FA releases, and Pure Storage FlashBlade products running Purity//FB 3.3.0, 3.2.0 - 3.2.4, 3.1.0 - 3.1.12, 3.0.x and prior Purity//FB releases...
Purestorage Purity\\/\\/fa
Purestorage Purity\\/\\/fb
7.4
CVSSv3
CVE-2021-21241
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before ver...
Flask-security-too Project Flask-security-too
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started