Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Python Number Of NVD 124 CRITICAL 17 HIGH 51 MEDIUM 51 LOW 5
URL https://www.python.org/
Explanation A universally usable scripting language that does not require compilation and is executed by an interpreter.
It can be programmed in a variety of formats such as object-oriented, imperative, procedural, and functional.
It can be programmed in various formats such as object-oriented, imperative, procedural, and functional, and can be easily used as it is initially installed on most Unix and Linux distributions.
The language specification is simple and designed so that anyone can write the same kind of code, and it is the language of choice for many projects and companies.

It is widely used in the following applications due to its rich library.

AI (Deep Learning, Machine Learning, Deep Learning)
Web applications
Scripts for server administration

It is my personal favorite language.

Basically, it is supported for 5 years after its release.
Tag
  • Python Software Foundation License
  • オープンソース
Add Information URL
No Type Name URL
1 https://www.python.org/downloads/
2 https://devguide.python.org/devcycle/#end-of-life-branches
3 https://devguide.python.org/
4 https://github.com/python
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
91 Python3.12 3.12.12 Oct. 9, 2025 Oct. 2, 2023 Oct. 31, 2028 0 2 2 0
92 Python3.11 3.11.14 Oct. 9, 2025 Oct. 24, 2022 Oct. 31, 2027 0 9 3 0
93 Python3.10 3.10.19 Oct. 9, 2025 Oct. 4, 2021 Oct. 31, 2026 2 12 7 0
94 Python3.9 3.9.25 Oct. 31, 2025 Oct. 5, 2020 Oct. 5, 2025 6 15 11 0
95 Python3.8 3.8.20 Sept. 6, 2024 Oct. 14, 2019 Oct. 14, 2024 8 18 15 0
96 Python3.7 3.7.17 June 6, 2023 June 27, 2018 June 27, 2023 9 25 20 0
97 Python3.6 3.6.15 Sept. 3, 2021 Dec. 23, 2016 Dec. 23, 2021 9 24 20 0
98 Python3.5 3.5.10 Sept. 5, 2020 Sept. 13, 2015 Sept. 13, 2020 9 25 19 0
99 Python3.4 3.4.10 March 18, 2019 March 17, 2014 March 18, 2019 8 26 20 1
100 Python3.3 3.3.7 Sept. 19, 2017 Sept. 29, 2012 Sept. 29, 2017 7 22 24 1
101 Python3.2 3.2.6 Oct. 12, 2014 Feb. 20, 2011 Feb. 20, 2016 5 19 27 2
102 Python2.7 2.7.18 April 20, 2020 July 3, 2010 Jan. 1, 2020 10 25 31 3
103 Python3.1 3.1.5 Aug. 17, 2009 June 26, 2009 April 9, 2012 4 19 33 1
104 Python3.0 3.0.1 Feb. 13, 2009 Dec. 19, 2008 June 27, 2009 4 18 24 1
105 Python2.6 2.6.9 Jan. 29, 2013 4 15 26 3
106 Python2.5 2.5.6 Jan. 1, 2000 4 25 29 2
107 Python2.4 2.4.6 Jan. 1, 2000 4 24 26 3
108 Python2.3 2.3.7 Jan. 1, 2000 4 23 25 3
109 Python2.2 2.2.3 Jan. 1, 2000 4 24 26 3
110 Python2.1 2.1.3 Jan. 1, 2000 4 22 26 3
111 Python2.0 2.0.1 Jan. 1, 2000 4 22 26 3
112 Python1.6 1.6.1 Jan. 1, 2000 3 22 21 3
113 Python1.5 1.5.2 Jan. 1, 2000 3 22 21 3
114 Python1.4 1.4 Jan. 1, 2000 3 21 21 3
115 Python1.3 1.3 Jan. 1, 2000 3 21 21 3
116 Python1.2 1.2 Jan. 1, 2000 3 21 21 3
117 Python1.1 1.1.1 Jan. 1, 2000 3 21 21 3
118 Python1.0 1.0.2 Jan. 1, 2000 3 21 21 3
119 Python0.9 0.9.9 Jan. 1, 2000 3 21 21 3
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
91 -
5.0 		MEDIUM Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dep… CWE-310
Cryptographic Issues 		CVE-2012-1150 cpe:2.3:a:python:python:3.2:alpha
cpe:2.3:a:python:python:3.2:*
cpe:2.3:a:python:python:3.2.2150:*
cpe:2.3:a:p… 		2.6.7 2024-11-21 10:36
2012-10-6 		Show GitHub Exploit DB Packet Storm
92 -
5.0 		MEDIUM SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop an… CWE-399
 Resource Management Errors 		CVE-2012-0845 cpe:2.3:a:python:python:3.2:alpha
cpe:2.3:a:python:python:3.2:*
cpe:2.3:a:python:python:3.2.2150:*
cpe:2.3:a:p… 		2.6.7 2024-11-21 10:35
2012-10-6 		Show GitHub Exploit DB Packet Storm
93 -
1.9 		LOW Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a userna… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4944 cpe:2.3:a:python:python:3.2:alpha
cpe:2.3:a:python:python:3.2:*
cpe:2.3:a:python:python:3.1:*
cpe:2.3:a:python… 		2024-11-21 10:33
2012-08-28 		Show GitHub Exploit DB Packet Storm
94 -
6.4 		MEDIUM The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive in… NVD-CWE-Other
CVE-2012-2135 cpe:2.3:a:python:python:*:* 3.3.0
3.2.0
2.7.0



3.3.3
3.2.4
2.7.4 		2024-11-21 10:38
2012-08-15 		Show GitHub Exploit DB Packet Storm
95 -
4.3 		MEDIUM The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a deni… CWE-400
 Uncontrolled Resource Consumption 		CVE-2012-0876 cpe:2.3:a:python:python:*:* 3.2.0
3.1.0
2.7.0
2.6.0





3.2.3
3.1.5
2.7.3
2.6.8 		2024-11-21 10:35
2012-07-4 		Show GitHub Exploit DB Packet Storm
96 -
2.6 		LOW The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-T… CWE-79
Cross-site Scripting 		CVE-2011-4940 cpe:2.3:a:python:python:2.7.2:rc1
cpe:2.3:a:python:python:2.7.1:rc1
cpe:2.3:a:python:python:2.7.1:*
cpe:2.3:a:… 		2.5.6 2024-11-21 10:33
2012-06-27 		Show GitHub Exploit DB Packet Storm
97 -
6.4 		MEDIUM The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain se… CWE-399
 Resource Management Errors 		CVE-2011-1521 cpe:2.3:a:python:python:3.2:alpha
cpe:2.3:a:python:python:3.2:*
cpe:2.3:a:python:python:3.1:*
cpe:2.3:a:python… 		2024-11-21 10:26
2011-05-25 		Show GitHub Exploit DB Packet Storm
98 -
5.0 		MEDIUM The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) charact… CWE-200
Information Exposure 		CVE-2011-1015 cpe:2.3:a:python:python:3.0:* 2024-11-21 10:25
2011-05-10 		Show GitHub Exploit DB Packet Storm
99 -
4.3 		MEDIUM Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediatel… CWE-362
Race Condition 		CVE-2010-3493 cpe:2.3:a:python:python:3.2:alpha
cpe:2.3:a:python:python:3.1:* 		2024-11-21 10:18
2010-10-20 		Show GitHub Exploit DB Packet Storm
100 -
5.0 		MEDIUM The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should han… NVD-CWE-Other
CVE-2010-3492 cpe:2.3:a:python:python:*:*
3.0 		2.7

3.1.2 		2024-11-21 10:18
2010-10-20 		Show GitHub Exploit DB Packet Storm