Python — высокоуровневый язык программирования общего назначения. Его философия дизайна делает акцент на читаемости кода.
Релизный цикл, информация об уязвимостях
График релизов
Количество 910
CVE-2021-4189
A flaw was found in Python, specifically in the FTP (File Transfer Pro ...
CVE-2021-4189
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.
GHSA-h7f6-hc46-frrv
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure.
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/h ...
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."
SUSE-SU-2022:2357-1
Security update for python3
SUSE-SU-2022:2344-1
Security update for python
SUSE-SU-2022:2291-1
Security update for python310
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2021-4189 A flaw was found in Python, specifically in the FTP (File Transfer Pro ... | CVSS3: 5.3 | 1% Низкий | больше 3 лет назад |
 | CVE-2021-4189 A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible. | CVSS3: 5.3 | 1% Низкий | больше 3 лет назад |
| GHSA-h7f6-hc46-frrv Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. | CVSS3: 7.4 | 1% Низкий | больше 3 лет назад |
 | CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." | CVSS3: 7.4 | 1% Низкий | больше 3 лет назад |
| CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/h ... | CVSS3: 7.4 | 1% Низкий | больше 3 лет назад |
| CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." | CVSS3: 7.4 | 1% Низкий | больше 3 лет назад |
 | CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." | CVSS3: 7.4 | 1% Низкий | больше 3 лет назад |
 | SUSE-SU-2022:2357-1 Security update for python3 | 1% Низкий | больше 3 лет назад | |
| SUSE-SU-2022:2344-1 Security update for python | 1% Низкий | больше 3 лет назад | |
| SUSE-SU-2022:2291-1 Security update for python310 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу