Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Python Number Of NVD 124 CRITICAL 17 HIGH 51 MEDIUM 51 LOW 5
URL https://www.python.org/
Explanation A universally usable scripting language that does not require compilation and is executed by an interpreter.
It can be programmed in a variety of formats such as object-oriented, imperative, procedural, and functional.
It can be programmed in various formats such as object-oriented, imperative, procedural, and functional, and can be easily used as it is initially installed on most Unix and Linux distributions.
The language specification is simple and designed so that anyone can write the same kind of code, and it is the language of choice for many projects and companies.

It is widely used in the following applications due to its rich library.

AI (Deep Learning, Machine Learning, Deep Learning)
Web applications
Scripts for server administration

It is my personal favorite language.

Basically, it is supported for 5 years after its release.
Tag
  • Python Software Foundation License
  • オープンソース
Add Information URL
No Type Name URL
1 https://www.python.org/downloads/
2 https://devguide.python.org/devcycle/#end-of-life-branches
3 https://devguide.python.org/
4 https://github.com/python
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
21 Python3.12 3.12.12 Oct. 9, 2025 Oct. 2, 2023 Oct. 31, 2028 0 2 2 0
22 Python3.11 3.11.14 Oct. 9, 2025 Oct. 24, 2022 Oct. 31, 2027 0 9 3 0
23 Python3.10 3.10.19 Oct. 9, 2025 Oct. 4, 2021 Oct. 31, 2026 2 12 7 0
24 Python3.9 3.9.25 Oct. 31, 2025 Oct. 5, 2020 Oct. 5, 2025 6 15 11 0
25 Python3.8 3.8.20 Sept. 6, 2024 Oct. 14, 2019 Oct. 14, 2024 8 18 15 0
26 Python3.7 3.7.17 June 6, 2023 June 27, 2018 June 27, 2023 9 25 20 0
27 Python3.6 3.6.15 Sept. 3, 2021 Dec. 23, 2016 Dec. 23, 2021 9 24 20 0
28 Python3.5 3.5.10 Sept. 5, 2020 Sept. 13, 2015 Sept. 13, 2020 9 25 19 0
29 Python3.4 3.4.10 March 18, 2019 March 17, 2014 March 18, 2019 8 26 20 1
30 Python3.3 3.3.7 Sept. 19, 2017 Sept. 29, 2012 Sept. 29, 2017 7 22 24 1
31 Python3.2 3.2.6 Oct. 12, 2014 Feb. 20, 2011 Feb. 20, 2016 5 19 27 2
32 Python2.7 2.7.18 April 20, 2020 July 3, 2010 Jan. 1, 2020 10 25 31 3
33 Python3.1 3.1.5 Aug. 17, 2009 June 26, 2009 April 9, 2012 4 19 33 1
34 Python3.0 3.0.1 Feb. 13, 2009 Dec. 19, 2008 June 27, 2009 4 18 24 1
35 Python2.6 2.6.9 Jan. 29, 2013 4 15 26 3
36 Python2.5 2.5.6 Jan. 1, 2000 4 25 29 2
37 Python2.4 2.4.6 Jan. 1, 2000 4 24 26 3
38 Python2.3 2.3.7 Jan. 1, 2000 4 23 25 3
39 Python2.2 2.2.3 Jan. 1, 2000 4 24 26 3
40 Python2.1 2.1.3 Jan. 1, 2000 4 22 26 3
41 Python2.0 2.0.1 Jan. 1, 2000 4 22 26 3
42 Python1.6 1.6.1 Jan. 1, 2000 3 22 21 3
43 Python1.5 1.5.2 Jan. 1, 2000 3 22 21 3
44 Python1.4 1.4 Jan. 1, 2000 3 21 21 3
45 Python1.3 1.3 Jan. 1, 2000 3 21 21 3
46 Python1.2 1.2 Jan. 1, 2000 3 21 21 3
47 Python1.1 1.1.1 Jan. 1, 2000 3 21 21 3
48 Python1.0 1.0.2 Jan. 1, 2000 3 21 21 3
49 Python0.9 0.9.9 Jan. 1, 2000 3 21 21 3
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
21 7.8
4.4 		HIGH
Local 		A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack… - CVE-2017-20052 cpe:2.3:a:python:python:2.7.13:* 2024-11-21 12:22
2022-06-16 		Show GitHub Exploit DB Packet Storm
22 7.6
8.0 		HIGH
Network 		In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into app… CWE-77
Command Injection 		CVE-2015-20107 cpe:2.3:a:python:python:*:* 3.8.0
3.9.0
3.10.0
3.7.0 		3.8.15
3.9.15

3.7.15




3.10.8
 2024-11-21 11:26
2022-04-14 		Show GitHub Exploit DB Packet Storm
23 7.5
5.0 		HIGH
Network 		zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. CWE-787
 Out-of-bounds Write 		CVE-2018-25032 cpe:2.3:a:python:python:*:* 3.10.0
3.9.0
3.7.0
3.8.0





3.10.5
3.9.13
3.7.14
3.8.14 		2024-11-21 13:03
2022-03-25 		Show GitHub Exploit DB Packet Storm
24 7.0
4.4 		HIGH
Local 		In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the s… CWE-426
 Untrusted Search Path 		CVE-2022-26488 cpe:2.3:a:python:python:3.11.0:alpha6
cpe:2.3:a:python:python:3.11.0:alpha5
cpe:2.3:a:python:python:3.11.0:alpha4…
3.8.0
3.9.0
3.10.0 		3.7.12
3.8.12
3.9.10
3.10.2





2024-11-21 15:54
2022-03-11 		Show GitHub Exploit DB Packet Storm
25 6.5
4.0 		MEDIUM
Network 		There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression D… CWE-400
 Uncontrolled Resource Consumption 		CVE-2021-3733 cpe:2.3:a:python:python:3.10.0:-
cpe:2.3:a:python:python:*:* 		3.9.0
3.7.0

3.8.0





3.9.5
3.7.11
3.6.14
3.8.10 		2024-11-21 15:22
2022-03-11 		Show GitHub Exploit DB Packet Storm
26 7.5
7.1 		HIGH
Network 		A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinit… CWE-400
CWE-835
 Uncontrolled Resource Consumption
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2021-3737 cpe:2.3:a:python:python:*:* 3.8.0
3.7.0
3.9.0
3.6.0





3.8.11
3.7.11
3.9.6
3.6.14 		2024-11-21 15:22
2022-03-5 		Show GitHub Exploit DB Packet Storm
27 7.5
5.0 		HIGH
Network 		A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method doe… CWE-74
Injection 		CVE-2022-0391 cpe:2.3:a:python:python:3.10.0:alpha6
cpe:2.3:a:python:python:3.10.0:alpha5
cpe:2.3:a:python:python:3.10.0:alpha4… 		3.9.0
3.8.0
3.7.0





3.9.5
3.8.11
3.7.11
3.6.14 		2024-11-21 15:38
2022-02-10 		Show GitHub Exploit DB Packet Storm
28 5.7
2.7 		MEDIUM
Adjacent 		There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disc… CWE-22
Path Traversal 		CVE-2021-3426 cpe:2.3:a:python:python:3.10.0:alpha6
cpe:2.3:a:python:python:3.10.0:alpha5
cpe:2.3:a:python:python:3.10.0:alpha4… 		3.8.0
3.7.0
3.6.0
3.9.0







3.8.8
3.7.10
3.6.13
3.9.3
2.7.18 		2024-11-21 15:21
2021-05-20 		Show GitHub Exploit DB Packet Storm
29 9.8
7.5 		CRITICAL
Network 		In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is bas… NVD-CWE-Other
CVE-2021-29921 cpe:2.3:a:python:python:*:* 3.9.0
3.8.0

3.9.5
3.8.12 		2024-11-21 15:01
2021-05-6 		Show GitHub Exploit DB Packet Storm
30 5.9
4.0 		MEDIUM
Network 		The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.pars… CWE-444
HTTP Request Smuggling 		CVE-2021-23336 cpe:2.3:a:python:python:*:* 3.9.0
3.8.0
3.7.0





3.9.2
3.8.8
3.7.10
3.6.13 		2024-11-21 14:51
2021-02-15 		Show GitHub Exploit DB Packet Storm