Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

21 – 24 of 24 results


CVE-2023-36632

Medium priority
Not affected

** DISPUTED ** The legacy email.utils.parseaddr function in Python through 3.11.4 allows attackers to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument...

11 affected packages

python, python2.7, python3.10, python3.11, python3.12...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python Not in release Not in release Ignored Ignored
python2.7 Not affected Not affected Not affected Not affected
python3.10 Not affected Not in release Not in release Not in release
python3.11 Not affected Not in release Not in release Not in release
python3.12 Not in release Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not affected
python3.6 Not in release Not in release Not affected Not in release
python3.7 Not in release Not in release Not affected Not in release
python3.8 Not in release Not affected Not affected Not in release
python3.9 Not in release Not affected Not in release Not in release
Show all 11 packages Show less packages

CVE-2023-33595

Medium priority
Not affected

CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.

11 affected packages

python, python2.7, python3.10, python3.11, python3.12...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python Not in release Not in release Ignored Ignored
python2.7 Not affected Not affected Not affected Not affected
python3.10 Not affected Not in release Not in release Not in release
python3.11 Not affected Not in release Not in release Not in release
python3.12 Not in release Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not affected
python3.6 Not in release Not in release Not affected Not in release
python3.7 Not in release Not in release Not affected Not in release
python3.8 Not in release Not affected Not affected Not in release
python3.9 Not in release Not affected Not in release Not in release
Show all 11 packages Show less packages

CVE-2023-27043

Medium priority

Some fixes available 10 of 21

The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker...

11 affected packages

python2.7, python3.10, python3.11, python3.12, python3.13...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.7 Not in release Fixed Fixed Fixed Fixed
python3.10 Not in release Fixed Not in release Not in release Not in release
python3.11 Not in release Vulnerable Not in release Not in release Not in release
python3.12 Fixed Not in release Not in release Not in release Not in release
python3.13 Not in release Not in release Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not in release Fixed
python3.6 Not in release Not in release Not in release Vulnerable Not in release
python3.7 Not in release Not in release Not in release Vulnerable Not in release
python3.8 Not in release Not in release Fixed Vulnerable Not in release
python3.9 Not in release Not in release Vulnerable Not in release Not in release
Show all 11 packages Show less packages

CVE-2007-4559

Medium priority

Some fixes available 2 of 30

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR...

16 affected packages

python2.3, python2.4, python2.5, python2.6, python2.7...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.3
python2.4
python2.5
python2.6
python2.7 Ignored Ignored Ignored Ignored
python3.0
python3.1
python3.10 Fixed Not in release Not in release Not in release
python3.11 Ignored Not in release Not in release Not in release
python3.12 Not in release Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Ignored
python3.6 Not in release Not in release Ignored Not in release
python3.7 Not in release Not in release Ignored Not in release
python3.8 Not in release Ignored Ignored Not in release
python3.9 Not in release Ignored Not in release Not in release
Show all 16 packages Show less packages