Python — высокоуровневый язык программирования общего назначения. Его философия дизайна делает акцент на читаемости кода.
Релизный цикл, информация об уязвимостях
График релизов
Количество 870
CVE-2022-48565
An XML External Entity (XXE) issue was discovered in Python through 3. ...
CVE-2022-48564
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
CVE-2022-48564
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ...
CVE-2022-48560
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
CVE-2022-48560
A use-after-free exists in Python through 3.9 via heappushpop in heapq ...
CVE-2022-48565
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
CVE-2022-48566
An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
CVE-2022-48560
A use-after-free exists in Python through 3.9 via heappushpop in heapq.
CVE-2022-48564
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
CVE-2022-48564
read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3. ... | CVSS3: 9.8 | 4% Низкий | почти 2 года назад |
 | CVE-2022-48564 read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
| CVE-2022-48564 read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a po ... | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
| CVE-2022-48560 A use-after-free exists in Python through 3.9 via heappushpop in heapq. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| CVE-2022-48560 A use-after-free exists in Python through 3.9 via heappushpop in heapq ... | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. | CVSS3: 9.8 | 4% Низкий | почти 2 года назад |
| CVE-2022-48566 An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest. | CVSS3: 5.9 | 0% Низкий | почти 2 года назад |
| CVE-2022-48560 A use-after-free exists in Python through 3.9 via heappushpop in heapq. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
| CVE-2022-48564 read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
 | CVE-2022-48564 read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. | CVSS3: 6.5 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу