CPython - CVE CyberSecurity Database News

Mar 19, 2024 Python Software Foundation CPython

CVE-2024-0450: Patch for CPython `zipfile` module fixing "quoted-overlap" zip-bombs vulnerability

A recent security issue has been discovered in the CPython zipfile module, affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.

Mar 19, 2024 Exploit Python Software Foundation CPython

CVE-2023-6597 - `tempfile.TemporaryDirectory` Symlink Dereference Vulnerability in CPython

A new security vulnerability (CVE-2023-6597) was discovered in the CPython tempfile.TemporaryDirectory class, affecting several versions, including 3.12.1, 3.11.7, 3.10.

CVE-2023-33595 - CPython v3.12. alpha 7 Heap Use-After-Free Vulnerability in ascii_decode Function

Jun 7, 2023 RCE Exploit Python CPython

CVE-2023-33595 - CPython v3.12. alpha 7 Heap Use-After-Free Vulnerability in ascii_decode Function

A serious security vulnerability has been discovered affecting the CPython implementation (version 3.12. alpha 7) of the widely-used Python programming language. This vulnerability, registered