Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Python Number Of NVD 124 CRITICAL 17 HIGH 51 MEDIUM 51 LOW 5
URL https://www.python.org/
Explanation A universally usable scripting language that does not require compilation and is executed by an interpreter.
It can be programmed in a variety of formats such as object-oriented, imperative, procedural, and functional.
It can be programmed in various formats such as object-oriented, imperative, procedural, and functional, and can be easily used as it is initially installed on most Unix and Linux distributions.
The language specification is simple and designed so that anyone can write the same kind of code, and it is the language of choice for many projects and companies.

It is widely used in the following applications due to its rich library.

AI (Deep Learning, Machine Learning, Deep Learning)
Web applications
Scripts for server administration

It is my personal favorite language.

Basically, it is supported for 5 years after its release.
Tag
  • Python Software Foundation License
  • オープンソース
Add Information URL
No Type Name URL
1 https://www.python.org/downloads/
2 https://devguide.python.org/devcycle/#end-of-life-branches
3 https://devguide.python.org/
4 https://github.com/python
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
71 Python3.12 3.12.12 Oct. 9, 2025 Oct. 2, 2023 Oct. 31, 2028 0 2 2 0
72 Python3.11 3.11.14 Oct. 9, 2025 Oct. 24, 2022 Oct. 31, 2027 0 9 3 0
73 Python3.10 3.10.19 Oct. 9, 2025 Oct. 4, 2021 Oct. 31, 2026 2 12 7 0
74 Python3.9 3.9.25 Oct. 31, 2025 Oct. 5, 2020 Oct. 5, 2025 6 15 11 0
75 Python3.8 3.8.20 Sept. 6, 2024 Oct. 14, 2019 Oct. 14, 2024 8 18 15 0
76 Python3.7 3.7.17 June 6, 2023 June 27, 2018 June 27, 2023 9 25 20 0
77 Python3.6 3.6.15 Sept. 3, 2021 Dec. 23, 2016 Dec. 23, 2021 9 24 20 0
78 Python3.5 3.5.10 Sept. 5, 2020 Sept. 13, 2015 Sept. 13, 2020 9 25 19 0
79 Python3.4 3.4.10 March 18, 2019 March 17, 2014 March 18, 2019 8 26 20 1
80 Python3.3 3.3.7 Sept. 19, 2017 Sept. 29, 2012 Sept. 29, 2017 7 22 24 1
81 Python3.2 3.2.6 Oct. 12, 2014 Feb. 20, 2011 Feb. 20, 2016 5 19 27 2
82 Python2.7 2.7.18 April 20, 2020 July 3, 2010 Jan. 1, 2020 10 25 31 3
83 Python3.1 3.1.5 Aug. 17, 2009 June 26, 2009 April 9, 2012 4 19 33 1
84 Python3.0 3.0.1 Feb. 13, 2009 Dec. 19, 2008 June 27, 2009 4 18 24 1
85 Python2.6 2.6.9 Jan. 29, 2013 4 15 26 3
86 Python2.5 2.5.6 Jan. 1, 2000 4 25 29 2
87 Python2.4 2.4.6 Jan. 1, 2000 4 24 26 3
88 Python2.3 2.3.7 Jan. 1, 2000 4 23 25 3
89 Python2.2 2.2.3 Jan. 1, 2000 4 24 26 3
90 Python2.1 2.1.3 Jan. 1, 2000 4 22 26 3
91 Python2.0 2.0.1 Jan. 1, 2000 4 22 26 3
92 Python1.6 1.6.1 Jan. 1, 2000 3 22 21 3
93 Python1.5 1.5.2 Jan. 1, 2000 3 22 21 3
94 Python1.4 1.4 Jan. 1, 2000 3 21 21 3
95 Python1.3 1.3 Jan. 1, 2000 3 21 21 3
96 Python1.2 1.2 Jan. 1, 2000 3 21 21 3
97 Python1.1 1.1.1 Jan. 1, 2000 3 21 21 3
98 Python1.0 1.0.2 Jan. 1, 2000 3 21 21 3
99 Python0.9 0.9.9 Jan. 1, 2000 3 21 21 3
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
71 6.1
4.3 		MEDIUM
Network 		CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP… CWE-113
HTTP Response Splitting 		CVE-2016-5699 cpe:2.3:a:python:python:3.4.3:*
cpe:2.3:a:python:python:3.4.2:*
cpe:2.3:a:python:python:3.4.1:*
cpe:2.3:a:pyth… 		2.7.9 2024-11-21 11:54
2016-09-2 		Show GitHub Exploit DB Packet Storm
72 9.8
10.0 		CRITICAL
Network 		Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negat… CWE-190
 Integer Overflow or Wraparound 		CVE-2016-5636 cpe:2.3:a:python:python:3.5.1:*
cpe:2.3:a:python:python:3.5.0:*
cpe:2.3:a:python:python:3.4.4:*
cpe:2.3:a:pyth… 		2.7.11 2024-11-21 11:54
2016-09-2 		Show GitHub Exploit DB Packet Storm
73 6.5
5.8 		MEDIUM
Network 		The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypa… CWE-693
 Protection Mechanism Failure 		CVE-2016-0772 cpe:2.3:a:python:python:3.5.1:*
cpe:2.3:a:python:python:3.5.0:*
cpe:2.3:a:python:python:3.4.4:*
cpe:2.3:a:pyth… 		2.7.11 2024-11-21 11:42
2016-09-2 		Show GitHub Exploit DB Packet Storm
74 7.5
5.0 		HIGH
Network 		The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for re… CWE-200
Information Exposure 		CVE-2016-2183 cpe:2.3:a:python:python:*:* 3.4.0
3.5.0
2.7.0



3.4.7
3.5.3
2.7.13 		2024-11-21 11:47
2016-09-1 		Show GitHub Exploit DB Packet Storm
75 8.1
6.8 		HIGH
Network 		The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-4472 cpe:2.3:a:python:python:*:* 3.6.0
3.5.0
3.4.0
3.3.0
2.7.0







3.6.2
3.5.4
3.4.7
3.3.7
2.7.15 		2024-11-21 11:52
2016-07-1 		Show GitHub Exploit DB Packet Storm
76 6.5
4.3 		MEDIUM
Network 		Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the… NVD-CWE-Other
CVE-2016-3189 cpe:2.3:a:python:python:*:* 3.10.0
3.9.0
3.8.0
3.7.0





3.10.3
3.9.11
3.8.13
3.7.13 		2024-11-21 11:49
2016-07-1 		Show GitHub Exploit DB Packet Storm
77 5.9
4.3 		MEDIUM
Network 		The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof serve… CWE-19
 Data Processing Errors 		CVE-2013-7440 cpe:2.3:a:python:python:3.3:beta2
cpe:2.3:a:python:python:3.3:*
cpe:2.3:a:python:python:3.3.2:*
cpe:2.3:a:pyth… 		2.7.8 2024-11-21 11:01
2016-06-8 		Show GitHub Exploit DB Packet Storm
78 9.8
7.5 		CRITICAL
Network 		Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2016-0718 cpe:2.3:a:python:python:*:* 3.6.0
3.5.0
3.4.0
3.3.0
2.7.0







3.6.2
3.5.4
3.4.7
3.3.7
2.7.15 		2024-11-21 11:42
2016-05-27 		Show GitHub Exploit DB Packet Storm
79 -
7.2 		HIGH Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE… NVD-CWE-Other
CVE-2015-5652 cpe:2.3:a:python:python:*:* 3.5.0 2024-11-21 11:33
2015-10-6 		Show GitHub Exploit DB Packet Storm
80 -
6.8 		MEDIUM Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (… CWE-190
 Integer Overflow or Wraparound 		CVE-2015-1283 cpe:2.3:a:python:python:*:* 3.3.0
3.5.0
3.4.0
2.7.0





3.3.7
3.5.2
3.4.5
2.7.12 		2024-11-21 11:25
2015-07-23 		Show GitHub Exploit DB Packet Storm