Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Python Number Of NVD 124 CRITICAL 17 HIGH 51 MEDIUM 51 LOW 5
URL https://www.python.org/
Explanation A universally usable scripting language that does not require compilation and is executed by an interpreter.
It can be programmed in a variety of formats such as object-oriented, imperative, procedural, and functional.
It can be programmed in various formats such as object-oriented, imperative, procedural, and functional, and can be easily used as it is initially installed on most Unix and Linux distributions.
The language specification is simple and designed so that anyone can write the same kind of code, and it is the language of choice for many projects and companies.

It is widely used in the following applications due to its rich library.

AI (Deep Learning, Machine Learning, Deep Learning)
Web applications
Scripts for server administration

It is my personal favorite language.

Basically, it is supported for 5 years after its release.
Tag
  • Python Software Foundation License
  • オープンソース
Add Information URL
No Type Name URL
1 https://www.python.org/downloads/
2 https://devguide.python.org/devcycle/#end-of-life-branches
3 https://devguide.python.org/
4 https://github.com/python
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
41 Python3.12 3.12.12 Oct. 9, 2025 Oct. 2, 2023 Oct. 31, 2028 0 2 2 0
42 Python3.11 3.11.14 Oct. 9, 2025 Oct. 24, 2022 Oct. 31, 2027 0 9 3 0
43 Python3.10 3.10.19 Oct. 9, 2025 Oct. 4, 2021 Oct. 31, 2026 2 12 7 0
44 Python3.9 3.9.25 Oct. 31, 2025 Oct. 5, 2020 Oct. 5, 2025 6 15 11 0
45 Python3.8 3.8.20 Sept. 6, 2024 Oct. 14, 2019 Oct. 14, 2024 8 18 15 0
46 Python3.7 3.7.17 June 6, 2023 June 27, 2018 June 27, 2023 9 25 20 0
47 Python3.6 3.6.15 Sept. 3, 2021 Dec. 23, 2016 Dec. 23, 2021 9 24 20 0
48 Python3.5 3.5.10 Sept. 5, 2020 Sept. 13, 2015 Sept. 13, 2020 9 25 19 0
49 Python3.4 3.4.10 March 18, 2019 March 17, 2014 March 18, 2019 8 26 20 1
50 Python3.3 3.3.7 Sept. 19, 2017 Sept. 29, 2012 Sept. 29, 2017 7 22 24 1
51 Python3.2 3.2.6 Oct. 12, 2014 Feb. 20, 2011 Feb. 20, 2016 5 19 27 2
52 Python2.7 2.7.18 April 20, 2020 July 3, 2010 Jan. 1, 2020 10 25 31 3
53 Python3.1 3.1.5 Aug. 17, 2009 June 26, 2009 April 9, 2012 4 19 33 1
54 Python3.0 3.0.1 Feb. 13, 2009 Dec. 19, 2008 June 27, 2009 4 18 24 1
55 Python2.6 2.6.9 Jan. 29, 2013 4 15 26 3
56 Python2.5 2.5.6 Jan. 1, 2000 4 25 29 2
57 Python2.4 2.4.6 Jan. 1, 2000 4 24 26 3
58 Python2.3 2.3.7 Jan. 1, 2000 4 23 25 3
59 Python2.2 2.2.3 Jan. 1, 2000 4 24 26 3
60 Python2.1 2.1.3 Jan. 1, 2000 4 22 26 3
61 Python2.0 2.0.1 Jan. 1, 2000 4 22 26 3
62 Python1.6 1.6.1 Jan. 1, 2000 3 22 21 3
63 Python1.5 1.5.2 Jan. 1, 2000 3 22 21 3
64 Python1.4 1.4 Jan. 1, 2000 3 21 21 3
65 Python1.3 1.3 Jan. 1, 2000 3 21 21 3
66 Python1.2 1.2 Jan. 1, 2000 3 21 21 3
67 Python1.1 1.1.1 Jan. 1, 2000 3 21 21 3
68 Python1.0 1.0.2 Jan. 1, 2000 3 21 21 3
69 Python0.9 0.9.9 Jan. 1, 2000 3 21 21 3
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
41 6.5
7.1 		MEDIUM
Network 		Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks agains… CWE-400
 Uncontrolled Resource Consumption 		CVE-2020-8492 cpe:2.3:a:python:python:*:* 3.8.0
3.7.0
3.6.0
3.5.0
2.7.0 		3.8.1
3.7.6
3.6.10
3.5.9
2.7.17







2024-11-21 14:38
2020-01-31 		Show GitHub Exploit DB Packet Storm
42 5.5
4.3 		MEDIUM
Local 		In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-8315 cpe:2.3:a:python:python:*:* 3.8.0
3.7.0
3.6.0 		3.8.1
3.7.6
3.6.10



2024-11-21 14:38
2020-01-29 		Show GitHub Exploit DB Packet Storm
43 6.1
5.8 		MEDIUM
Network 		The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. CWE-601
Open Redirect 		CVE-2016-1000110 cpe:2.3:a:python:python:*:* 3.3.0
3.5.0
2.7.0
3.4.0





3.3.7
3.5.3
2.7.13
3.4.6 		2024-11-21 11:42
2019-11-28 		Show GitHub Exploit DB Packet Storm
44 7.5
5.0 		HIGH
Network 		An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, re… CWE-476
 NULL Pointer Dereference 		CVE-2019-5010 cpe:2.3:a:python:python:*:* 3.7.0
3.6.0
3.5.0
2.7.0
3.4.0







3.7.3
3.6.9
3.5.7
2.7.16
3.4.10 		2024-11-21 13:44
2019-11-1 		Show GitHub Exploit DB Packet Storm
45 6.1
4.3 		MEDIUM
Network 		An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the fir… CWE-74
Injection 		CVE-2019-18348 cpe:2.3:a:python:python:*:* 2.0
3.8.0
3.0
3.6.0
3.7.0 		2.7.17




3.8.3
3.5.10
3.6.11
3.7.8 		2024-11-21 13:33
2019-10-24 		Show GitHub Exploit DB Packet Storm
46 7.5
5.0 		HIGH
Network 		library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE:… NVD-CWE-noinfo
CWE-682
 Incorrect Calculation 		CVE-2019-17514 cpe:2.3:a:python:python:3.8.0:-
cpe:2.3:a:python:python:3.7.0:-
cpe:2.3:a:python:python:3.6.0:- 		2024-11-21 13:32
2019-10-12 		Show GitHub Exploit DB Packet Storm
47 6.1
4.3 		MEDIUM
Network 		The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in L… CWE-79
Cross-site Scripting 		CVE-2019-16935 cpe:2.3:a:python:python:*:* 2.7.0
3.7.0
3.6.0
3.0.0





2.7.17
3.7.5
3.6.10
3.5.8 		2024-11-21 13:31
2019-09-28 		Show GitHub Exploit DB Packet Storm
48 7.5
5.0 		HIGH
Network 		An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. … NVD-CWE-noinfo
CVE-2019-16056 cpe:2.3:a:python:python:*:*
3.5.0
3.6.0
3.7.0
3.0.0
3.1.0
3.2.0
3.3.0
3.4.0 		2.7.16
3.5.7
3.6.9
3.7.4
3.0.1
3.1.5
3.2.6
3.3.7
3.4.10















2024-11-21 13:29
2019-09-7 		Show GitHub Exploit DB Packet Storm
49 7.5
5.0 		HIGH
Network 		In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumn… CWE-125
CWE-776
Out-of-bounds Read
XML Entity Expansion 		CVE-2019-15903 cpe:2.3:a:python:python:*:* 3.5.0
2.7.0
3.7.0
3.6.0





3.5.8
2.7.17
3.7.5
3.6.10 		2024-11-21 13:29
2019-09-4 		Show GitHub Exploit DB Packet Storm
50 5.3
5.0 		MEDIUM
Network 		http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong serv… CWE-20
 Improper Input Validation  		CVE-2018-20852 cpe:2.3:a:python:python:*:* 2.0
3.7.0
3.6.0
3.5.0
3.0.0 		2.7.16




3.7.3
3.6.9
3.5.7
3.4.10 		2024-11-21 13:02
2019-07-14 		Show GitHub Exploit DB Packet Storm