Software Detail

Software Informaton Top

Programming

Software Detail

Python

Number Of NVD

124

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.python.org/
Explanation	A universally usable scripting language that does not require compilation and is executed by an interpreter. It can be programmed in a variety of formats such as object-oriented, imperative, procedural, and functional. It can be programmed in various formats such as object-oriented, imperative, procedural, and functional, and can be easily used as it is initially installed on most Unix and Linux distributions. The language specification is simple and designed so that anyone can write the same kind of code, and it is the language of choice for many projects and companies. It is widely used in the following applications due to its rich library. AI (Deep Learning, Machine Learning, Deep Learning) Web applications Scripts for server administration It is my personal favorite language. Basically, it is supported for 5 years after its release.
Tag	Python Software Foundation License オープンソース

Add Information URL

No	Type	Name	URL
1			https://www.python.org/downloads/
2			https://devguide.python.org/devcycle/#end-of-life-branches
3			https://devguide.python.org/
4			https://github.com/python

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Critical	High	Medium	Low
81	Python3.12	3.12.12	Oct. 9, 2025	Oct. 2, 2023	Oct. 31, 2028	0	2	2	0
82	Python3.11	3.11.14	Oct. 9, 2025	Oct. 24, 2022	Oct. 31, 2027	0	9	3	0
83	Python3.10	3.10.19	Oct. 9, 2025	Oct. 4, 2021	Oct. 31, 2026	2	12	7	0
84	Python3.9	3.9.25	Oct. 31, 2025	Oct. 5, 2020	Oct. 5, 2025	6	15	11	0
85	Python3.8	3.8.20	Sept. 6, 2024	Oct. 14, 2019	Oct. 14, 2024	8	18	15	0
86	Python3.7	3.7.17	June 6, 2023	June 27, 2018	June 27, 2023	9	25	20	0
87	Python3.6	3.6.15	Sept. 3, 2021	Dec. 23, 2016	Dec. 23, 2021	9	24	20	0
88	Python3.5	3.5.10	Sept. 5, 2020	Sept. 13, 2015	Sept. 13, 2020	9	25	19	0
89	Python3.4	3.4.10	March 18, 2019	March 17, 2014	March 18, 2019	8	26	20	1
90	Python3.3	3.3.7	Sept. 19, 2017	Sept. 29, 2012	Sept. 29, 2017	7	22	24	1
91	Python3.2	3.2.6	Oct. 12, 2014	Feb. 20, 2011	Feb. 20, 2016	5	19	27	2
92	Python2.7	2.7.18	April 20, 2020	July 3, 2010	Jan. 1, 2020	10	25	31	3
93	Python3.1	3.1.5	Aug. 17, 2009	June 26, 2009	April 9, 2012	4	19	33	1
94	Python3.0	3.0.1	Feb. 13, 2009	Dec. 19, 2008	June 27, 2009	4	18	24	1
95	Python2.6	2.6.9			Jan. 29, 2013	4	15	26	3
96	Python2.5	2.5.6			Jan. 1, 2000	4	25	29	2
97	Python2.4	2.4.6			Jan. 1, 2000	4	24	26	3
98	Python2.3	2.3.7			Jan. 1, 2000	4	23	25	3
99	Python2.2	2.2.3			Jan. 1, 2000	4	24	26	3
100	Python2.1	2.1.3			Jan. 1, 2000	4	22	26	3
101	Python2.0	2.0.1			Jan. 1, 2000	4	22	26	3
102	Python1.6	1.6.1			Jan. 1, 2000	3	22	21	3
103	Python1.5	1.5.2			Jan. 1, 2000	3	22	21	3
104	Python1.4	1.4			Jan. 1, 2000	3	21	21	3
105	Python1.3	1.3			Jan. 1, 2000	3	21	21	3
106	Python1.2	1.2			Jan. 1, 2000	3	21	21	3
107	Python1.1	1.1.1			Jan. 1, 2000	3	21	21	3
108	Python1.0	1.0.2			Jan. 1, 2000	3	21	21	3
109	Python0.9	0.9.9			Jan. 1, 2000	3	21	21	3

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	or less	less than	Update date Published date	Show Affected	Exploit PoC Search
81	- 5.8	MEDIUM	The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check …	NVD-CWE-Other	CVE-2014-9365	cpe:2.3:a:python:python:3.4:alpha1 cpe:2.3:a:python:python:3.4.2:* cpe:2.3:a:python:python:3.4.1:* cpe:2.3:a:p…				2024-11-21 11:20 2014-12-12	Show	GitHub Exploit DB Packet Storm

82	- 3.3	LOW	Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file per…	CWE-362 Race Condition	CVE-2014-2667	cpe:2.3:a:python:python:3.4.2:* cpe:2.3:a:python:python:3.4.1:* cpe:2.3:a:python:python:3.4.0:* cpe:2.3:a:pyth…				2024-11-21 11:06 2014-11-16	Show	GitHub Exploit DB Packet Storm

83	- 6.4	MEDIUM	Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.	CWE-189 Numeric Errors	CVE-2014-7185	cpe:2.3:a:python:python:2.7.6:* cpe:2.3:a:python:python:2.7.5:* cpe:2.3:a:python:python:2.7.4:* cpe:2.3:a:pyth…		2.7.7		2024-11-21 11:16 2014-10-9	Show	GitHub Exploit DB Packet Storm

84	7.4 5.8	HIGH Network	OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a z…	CWE-326 Inadequate Encryption Strength	CVE-2014-0224	cpe:2.3:a:python:python::	3.4.0 2.7.0		3.4.2 2.7.8	2024-11-21 11:01 2014-06-6	Show	GitHub Exploit DB Packet Storm

85	- 4.3	MEDIUM	Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictab…	CWE-310 Cryptographic Issues	CVE-2013-7040	cpe:2.3:a:python:python:3.3:beta2 cpe:2.3:a:python:python:3.3:* cpe:2.3:a:python:python:3.3.5:rc2 cpe:2.3:a:py…				2024-11-21 11:00 2014-05-19	Show	GitHub Exploit DB Packet Storm

86	- 7.1	HIGH	Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read,…	CWE-20 Improper Input Validation	CVE-2013-7338	cpe:2.3:a:python:python:3.3.3:rc2 cpe:2.3:a:python:python:3.3.3:rc1 cpe:2.3:a:python:python:3.3.3:* cpe:2.3:a:…				2024-11-21 11:00 2014-04-22	Show	GitHub Exploit DB Packet Storm

87	- 7.5	HIGH	Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-1912	cpe:2.3:a:python:python:3.4:alpha1 cpe:2.3:a:python:python:3.3:beta2 cpe:2.3:a:python:python:3.3:* cpe:2.3:a:p…				2024-11-21 11:05 2014-03-1	Show	GitHub Exploit DB Packet Storm

88	- 6.8	MEDIUM	expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of serv…	CWE-611 XXE	CVE-2013-0340	cpe:2.3:a:python:python::	3.8.0 3.9.0 3.7.0 3.6.0		3.8.12 3.9.7 3.7.12 3.6.15	2024-11-21 10:47 2014-01-22	Show	GitHub Exploit DB Packet Storm

89	- 4.3	MEDIUM	Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python v…	CWE-399 Resource Management Errors	CVE-2013-2099	cpe:2.3:a:python:python:3.3.2:* cpe:2.3:a:python:python:3.3.1:* cpe:2.3:a:python:python:3.3.0:* cpe:2.3:a:pyth…				2024-11-21 10:51 2013-10-9	Show	GitHub Exploit DB Packet Storm

90	- 4.3	MEDIUM	The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, w…	CWE-20 Improper Input Validation	CVE-2013-4238	cpe:2.3:a:python:python:3.4:alpha1 cpe:2.3:a:python:python:3.3:beta2 cpe:2.3:a:python:python:3.3:* cpe:2.3:a:p…				2024-11-21 10:55 2013-08-18	Show	GitHub Exploit DB Packet Storm