Lucene search
K
PypaMost viewed

5616 matches found

PyPA
PyPA
•added 2021/12/08 11:15 p.m.•11 views

PYSEC-2021-848

Sockeye is an open-source sequence-to-sequence framework for Neural Machine Translation built on PyTorch. Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An...

7.8CVSS7.8AI score0.02415EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2021/07/06 12:15 p.m.•11 views

PYSEC-2021-112

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry ACE to an access control list ACL that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process...

6.5CVSS7AI score0.01729EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2021/05/14 8:15 p.m.•11 views

PYSEC-2021-481

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3. This is because the...

7.1CVSS7.1AI score0.00198EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2021/02/02 7:15 a.m.•11 views

PYSEC-2021-9

In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method used by "startapp --template" and "startproject --template" allows directory traversal via an archive with absolute paths or relative paths with dot segments...

5.3CVSS7AI score0.07605EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2020/11/18 10:15 p.m.•11 views

PYSEC-2020-215

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for know...

6.1CVSS6.8AI score0.01213EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/10/17 8:15 p.m.•11 views

PYSEC-2020-59

DISPUTED TAXII libtaxii through 1.1.117, as used in EclecticIQ OpenTAXII through 0.2.0 and other products, allows SSRF via an initial http:// substring to the parse method, even when the nonetwork setting is used for the XML parser. NOTE: the vendor points out that the parse method "wraps the lxm...

9.8CVSS7AI score0.0225EPSS
Exploits2References4Affected Software1
PyPA
PyPA
•added 2020/09/30 8:15 p.m.•11 views

PYSEC-2020-263

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious...

6.1CVSS6.5AI score0.01286EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/08/05 2:15 p.m.•11 views

PYSEC-2020-342

Resolved Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases...

9.8CVSS8.1AI score0.33478EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/07/29 1:15 p.m.•11 views

PYSEC-2020-44

This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the projectconfigure endpoint, isn’t being sanitized...

9.8CVSS7AI score0.01694EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2019/12/26 5:15 p.m.•11 views

PYSEC-2019-138

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special...

8.2CVSS6.5AI score0.02587EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2019/04/10 8:29 p.m.•11 views

PYSEC-2019-214

A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views...

4.8CVSS7.4AI score0.02767EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2019/04/02 7:29 p.m.•11 views

PYSEC-2019-166

The Serialize.deserialize method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library e.g., the standard CoAP server, CoAP client, example collect CoAP server and client when they receive crafted CoAP messages...

7.5CVSS6.8AI score0.01446EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2019/02/25 3:29 p.m.•11 views

PYSEC-2019-249

An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...

8.8CVSS7.3AI score0.02783EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2018/04/18 7:29 p.m.•11 views

PYSEC-2018-75

OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug. that can result in Remote...

9.3CVSS7.3AI score0.04159EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2017/09/21 9:29 p.m.•11 views

PYSEC-2017-152

A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...

6.4CVSS6.6AI score0.00347EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2017/09/13 4:29 p.m.•11 views

PYSEC-2017-147

In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user account on the loc...

7.8CVSS8AI score0.00734EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2017/02/22 4:59 p.m.•11 views

PYSEC-2017-15

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909...

6.1CVSS6.2AI score0.02141EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2015/08/24 2:59 p.m.•11 views

PYSEC-2015-22

contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service session store consumption or session record removal via a large number of requests to...

5CVSS6.9AI score0.05163EPSS
Exploits0References14Affected Software1
PyPA
PyPA
•added 2014/04/23 3:55 p.m.•11 views

PYSEC-2014-1

The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."...

5.1CVSS7.4AI score0.0565EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2014/03/11 7:37 p.m.•11 views

PYSEC-2014-55

zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive...

5.8CVSS6.6AI score0.0119EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2014/03/11 7:37 p.m.•11 views

PYSEC-2014-57

typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL...

4.3CVSS6.9AI score0.0119EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2013/03/22 9:55 p.m.•11 views

PYSEC-2013-46

The v1 API in OpenStack Glance Essex 2012.1, Folsom 2012.2, and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image...

3.5CVSS5.8AI score0.01356EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added 2011/06/06 7:55 p.m.•11 views

PYSEC-2011-16

plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011...

5.5CVSS7AI score0.01579EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2011/02/14 9:0 p.m.•11 views

PYSEC-2011-30

Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged AJAX requests that leverage a "combination of browser plugins...

6.8CVSS5.8AI score0.01589EPSS
Exploits1References18Affected Software1
PyPA
PyPA
•added 2008/12/17 6:30 p.m.•11 views

PYSEC-2008-6

Unspecified vulnerability in Trac before 0.11.2 allows attackers to cause a denial of service via unknown attack vectors related to "certain wiki markup."...

7.5CVSS6.7AI score0.01227EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2026/06/04 12:16 p.m.•10 views

PYSEC-0000-CVE-2026-10803

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

3.6CVSS4.7AI score0.00103EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/06/04 12:16 p.m.•10 views

PYSEC-2026-195

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

3.6CVSS4.7AI score0.00103EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2026/06/01 9:16 a.m.•10 views

PYSEC-0000-CVE-2026-42359

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

8.8CVSS5.8AI score0.0055EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2026/06/01 9:16 a.m.•10 views

PYSEC-0000-CVE-2026-41014

The partitioneddagruns endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they were not authorized to...

4.3CVSS5.8AI score0.00352EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2026/06/01 9:16 a.m.•10 views

PYSEC-2026-185

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

8.8CVSS5.8AI score0.00592EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2026/05/28 4:16 p.m.•10 views

PYSEC-0000-CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS5.9AI score0.00181EPSS
Exploits1References1Affected Software1
PyPA
PyPA
•added 2026/05/27 6:16 p.m.•10 views

PYSEC-0000-CVE-2026-44345

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, src/bentoml/internal/container/frontend/dockerfile/templates/basev2.j2 interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious...

8.8CVSS5.9AI score0.00317EPSS
Exploits1References1Affected Software1
PyPA
PyPA
•added 2026/05/27 6:16 p.m.•10 views

PYSEC-0000-CVE-2026-44346

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.39, a malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentom...

8.8CVSS5.9AI score0.00321EPSS
Exploits1References1Affected Software1
PyPA
PyPA
•added 2026/05/26 9:16 p.m.•10 views

PYSEC-0000-CVE-2026-44896

Mistune is a Python Markdown parser with renderers and plugins. In 3.2.0 and realier, in src/mistune/directives/image.py, the renderfigure function concatenates figclass and figwidth options directly into HTML attributes without escaping. This allows attribute injection and XSS even when...

6.1CVSS5.8AI score0.00198EPSS
Exploits0References1Affected Software1
PyPA
PyPA
•added 2026/05/01 9:16 a.m.•10 views

PYSEC-2026-205

An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent IPA sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image...

8CVSS6AI score0.00837EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2026/04/18 7:16 a.m.•10 views

PYSEC-2026-18

In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/exposestacktraces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue...

7.5CVSS5.8AI score0.00449EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2026/04/08 9:17 p.m.•10 views

PYSEC-2026-36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

9.8CVSS5.9AI score0.00652EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2026/04/07 4:16 p.m.•10 views

PYSEC-2026-134

Strawberry GraphQL is a library for creating GraphQL APIs. Prior to 0.312.3, Strawberry GraphQL's WebSocket subscription handlers for both the graphql-transport-ws and legacy graphql-ws protocols allocate an asyncio.Task and associated Operation object for every incoming subscribe message without...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References1Affected Software1
PyPA
PyPA
•added 2026/04/06 4:16 p.m.•10 views

PYSEC-2026-144

vLLM is an inference and serving engine for large language models LLMs. From 0.7.0 to before 0.19.0, the VideoMediaIO.loadbase64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The numframes...

6.5CVSS5.9AI score0.0035EPSS
Exploits0References1Affected Software1
PyPA
PyPA
•added 2026/03/29 6:16 p.m.•10 views

PYSEC-2026-204

A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function in backend/routers/friends.py does not implement proper authorization checks, enabling Insecure Direct...

8.3CVSS7.3AI score0.00268EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2026/03/27 1:16 a.m.•10 views

PYSEC-2026-157

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.37, the docker.systempackages field in bentofile.yaml accepts arbitrary strings that are interpolated directly into Dockerfile RUN commands without sanitization. Since...

7.8CVSS6AI score0.00257EPSS
Exploits1References1Affected Software1
PyPA
PyPA
•added 2026/03/24 8:16 p.m.•10 views

PYSEC-2026-122

pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, a Host Header Spoofing vulnerability in the @localcheck decorator allows unauthenticated external attackers to bypass local-only restrictions. This grants access to the Click'N'Load API endpoints,...

6.5CVSS5.9AI score0.00183EPSS
Exploits1References1Affected Software1
PyPA
PyPA
•added 2026/03/22 5:16 a.m.•10 views

PYSEC-2026-139

A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...

7.8CVSS5.6AI score0.00239EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2026/03/22 1:16 a.m.•10 views

PYSEC-2026-38

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash...

6.9CVSS6AI score0.00177EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2026/03/16 2:19 p.m.•10 views

PYSEC-2026-132

SimpleEval is a library for adding evaluatable expressions into python projects. Prior to 1.0.5, objects including modules can leak dangerous modules through to direct access inside the sandbox. If the objects you've passed in as names to SimpleEval have modules or other disallowed / dangerous...

9.8CVSS7.3AI score0.00512EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2026/03/11 8:16 p.m.•10 views

PYSEC-2026-140

Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...

8.7CVSS7.3AI score0.00375EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2026/03/09 8:16 p.m.•10 views

PYSEC-2026-97

A vulnerability in the filestring function of the nltk.util module in nltk version 3.9.2 allows arbitrary file read due to improper validation of input paths. The function directly opens files specified by user input without sanitization, enabling attackers to access sensitive system files by...

8.6CVSS7.4AI score0.00428EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2026/03/09 4:16 p.m.•10 views

PYSEC-2026-84

An issue pertaining to CWE-312: Cleartext Storage of Sensitive Information was discovered in lesspass lesspass v9.6.9 which allows attackers to obtain sensitive information...

6.5CVSS5.8AI score0.00167EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2026/03/05 8:16 p.m.•10 views

PYSEC-2026-83

LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB both sync and async, via aiosqlite. In version 1.0.9 and prior, LangGraph checkpointers can load msgpack-encoded checkpoints that reconstruct Python objects during deserialization. If an attacker can...

7.2CVSS5.8AI score0.05219EPSS
Exploits0References1Affected Software1
PyPA
PyPA
•added 2026/03/04 7:16 p.m.•10 views

PYSEC-2026-98

A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and BracketParseCorpusReader. These classes fail to properly sanitize or validate file paths, enabling...

8.6CVSS7.8AI score0.00924EPSS
Exploits3References2Affected Software1
Total number of security vulnerabilities5000