🔍 Search

Found 500 results for "python"

Showing 401 - 420 of 500 results (limited to 500 results)

🔒 CVE HIGH CVSS: 7.5 May 02, 2024

CVE-2024-30251

aiohttp is an asynchronous HTTP client/server framework for asyncio and python. In affected versions an attacker can send a specially crafted POST (multipart/form-data) request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process any further requests. An attacker can stop the application from serving requests after sending a single request. This issue has been addressed in version 3.9.4. Users are advised to upgrade. Users unable to upgrade may manually apply a patch to their systems. Please see the linked GHSA for instructions.

EPSS: 0.3%
🔒 CVE HIGH CVSS: 7.5 April 10, 2024

CVE-2024-31871

IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying python scripts due to improper certificate validation. IBM X-Force ID: 287306.

EPSS: 0.1%
🔒 CVE HIGH CVSS: 7.5 February 05, 2024

CVE-2023-50782

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

EPSS: 0.9%
🔒 CVE HIGH CVSS: 7.5 September 13, 2023

CVE-2023-4785

Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ python, and Ruby are affected, but gRPC Java, and Go are NOT affected.

EPSS: 0.0%
🔒 CVE HIGH CVSS: 7.5 July 13, 2023

CVE-2023-37274

Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. When Auto-GPT is executed directly on the host system via the provided run.sh or run.bat files, custom python code execution is sandboxed using a temporary dedicated docker container which should not have access to any files outside of the Auto-GPT workspace directory. Before v0.4.3, the `execute_python_code` command (introduced in v0.4.1) does not sanitize the `basename` arg before writing LLM-supplied code to a file with an LLM-supplied name. This allows for a path traversal attack that can overwrite any .py file outside the workspace directory by specifying a `basename` such as `../../../main.py`. This can further be abused to achieve arbitrary code execution on the host running Auto-GPT by e.g. overwriting autogpt/main.py which will be executed outside of the docker environment meant to sandbox custom python code execution the next time Auto-GPT is started. The issue has been patched in version 0.4.3. As a workaround, the risk introduced by this vulnerability can be remediated by running Auto-GPT in a virtual machine, or another environment in which damage to files or corruption of the program is not a critical problem.

EPSS: 0.1%
🔒 CVE HIGH CVSS: 7.5 May 15, 2023

CVE-2023-32309

PyMdown Extensions is a set of extensions for the `python-Markdown` markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax `--8<--"/etc/passwd"` or `--8<--"/proc/self/environ"` the content of these files will be rendered in the generated documentation. Additionally, a path relative to a specified, allowed base path can also be used to render the content of a file outside the specified base paths: `--8<-- "../../../../etc/passwd"`. Within the Snippets extension, there exists a `base_path` option but the implementation is vulnerable to Directory Traversal. The vulnerable section exists in `get_snippet_path(self, path)` lines 155 to 174 in snippets.py. Any readable file on the host where the plugin is executing may have its content exposed. This can impact any use of Snippets that exposes the use of Snippets to external users. It is never recommended to use Snippets to process user-facing, dynamic content. It is designed to process known content on the backend under the control of the host, but if someone were to accidentally enable it for user-facing content, undesired information could be exposed. This issue has been addressed in version 10.0. Users are advised to upgrade. Users unable to upgrade may restrict relative paths by filtering input.

EPSS: 1.2%
🔒 CVE HIGH CVSS: 7.5 February 17, 2023

CVE-2023-24329

An issue in the urllib.parse component of python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

EPSS: 1.4%
🔒 CVE HIGH CVSS: 7.5 November 09, 2022

CVE-2022-45061

An issue was discovered in python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.

EPSS: 0.1%
🔒 CVE HIGH CVSS: 7.5 September 09, 2022

CVE-2020-10735

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.

EPSS: 0.4%
🔒 CVE HIGH CVSS: 7.5 March 04, 2022

CVE-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

EPSS: 0.1%
🔒 CVE HIGH CVSS: 7.5 February 09, 2022

CVE-2022-0391

A flaw was found in python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.

EPSS: 1.2%
🔒 CVE HIGH CVSS: 7.5 September 20, 2021

CVE-2021-32839

sqlparse is a non-validating SQL parser module for python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. Only the formatting feature that removes comments from SQL statements is affected by this regular expression. As a workaround don't use the sqlformat.format function with keyword strip_comments=True or the --strip-comments command line flag when using the sqlformat command line tool. The issues has been fixed in sqlparse 0.4.2.

EPSS: 0.1%
🔒 CVE HIGH CVSS: 7.5 December 09, 2020

CVE-2020-29651

A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.

EPSS: 0.8%
🔒 CVE HIGH CVSS: 7.5 February 04, 2020

CVE-2019-9674

Lib/zipfile.py in python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.

EPSS: 1.4%
🔒 CVE HIGH CVSS: 7.5 September 14, 2017

CVE-2017-2809

An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability.

EPSS: 0.5%
🔒 CVE HIGH CVSS: 7.5 June 14, 2017

CVE-2017-2810

An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability.

EPSS: 1.4%
🔒 CVE HIGH CVSS: 7.5 June 13, 2017

CVE-2015-3220

The tlslite library before 0.4.9 for python allows remote attackers to trigger a denial of service (runtime exception and process crash).

EPSS: 0.8%
🔒 CVE HIGH CVSS: 7.5 January 10, 2017

CVE-2016-6581

A HTTP/2 implementation built using any version of the python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK dynamic header table into the dynamic header table. The attacker can then send a header block that is simply repeated requests to expand that field in the dynamic table. This can lead to a gigantic compression ratio of 4,096 or better, meaning that 16kB of data can decompress to 64MB of data on the target machine.

EPSS: 0.4%
🔒 CVE HIGH CVSS: 7.5 January 10, 2017

CVE-2016-6580

A HTTP/2 implementation built using any version of the python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority information for each stream, and would therefore allocate unbounded amounts of memory. Attempting to actually use a tree like this would also cause extremely high CPU usage to maintain the tree.

EPSS: 0.5%
🔒 CVE HIGH CVSS: 7.5 May 16, 2016

CVE-2015-4605

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "python script text executable" rule.

EPSS: 9.1%