python3-tkinter vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the python3-tkinter package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Improper Handling of Length Parameter Inconsistency	<0:3.7.16-1.amzn2.0.20
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:3.7.16-1.amzn2.0.19
M Inefficient Regular Expression Complexity	<0:3.7.16-1.amzn2.0.18
M Use After Free	<0:3.7.16-1.amzn2.0.18
H Race Condition	<0:3.7.10-1.amzn2.0.1
M Unquoted Search Path or Element	<0:3.7.16-1.amzn2.0.17
L Improper Handling of Inconsistent Special Elements	<0:3.7.16-1.amzn2.0.15
M Directory Traversal	<0:3.7.16-1.amzn2.0.14
M Improper Input Validation	<0:3.7.16-1.amzn2.0.14
M CVE-2024-6923	<0:3.7.16-1.amzn2.0.12
L Expected Behavior Violation	<0:3.7.16-1.amzn2.0.11
M Resource Exhaustion	<0:3.7.16-1.amzn2.0.12
M Race Condition	<0:3.7.16-1.amzn2.0.13
M Improper Validation of Specified Type of Input	<0:3.7.16-1.amzn2.0.12
M Open Redirect	<0:3.7.15-1.amzn2.0.1
M Improper Input Validation	<0:3.7.16-1.amzn2.0.9
H Inefficient Regular Expression Complexity	<0:3.7.16-1.amzn2.0.8
M Improper Input Validation	<0:3.7.16-1.amzn2.0.7
H Resource Exhaustion	<0:3.7.10-1.amzn2.0.1
H Symlink Following	<0:3.7.16-1.amzn2.0.6
M Multiple Interpretations of UI Input	<0:3.7.16-1.amzn2.0.5
H Eval Injection	<0:3.7.10-1.amzn2.0.1
H HTTP Response Splitting	<0:3.7.10-1.amzn2.0.1
H XML External Entity (XXE) Injection	<0:3.7.10-1.amzn2.0.1
M Use After Free	<0:3.7.8-1.amzn2.0.1
H Authentication Bypass by Primary Weakness	<0:3.7.16-1.amzn2.0.4
M Improper Input Validation	<0:3.7.16-1.amzn2.0.2
H Resource Exhaustion	<0:3.7.16-1.amzn2.0.1
H Integer Overflow to Buffer Overflow	<0:3.7.15-1.amzn2.0.2
M Incorrect Type Conversion or Cast	<0:3.7.15-1.amzn2.0.1
M Improper Encoding or Escaping of Output	<0:3.7.10-1.amzn2.0.1
M CVE-2020-27619	<0:3.7.10-1.amzn2.0.1
M Information Exposure	<0:3.7.9-1.amzn2.0.3
M HTTP Request Smuggling	<0:3.7.9-1.amzn2.0.3
M Buffer Overflow	<0:3.7.9-1.amzn2.0.2
M Incorrect Calculation	<0:3.7.9-1.amzn2.0.1
M Improper Input Validation	<0:3.7.9-1.amzn2.0.1
M Resource Exhaustion	<0:3.7.8-1.amzn2.0.1
M CVE-2019-16056	<0:3.7.4-1.amzn2.0.3
H Credentials Management	<0:3.7.4-1.amzn2.0.1
H CRLF Injection	<0:3.7.3-1.amzn2.0.2
H CRLF Injection	<0:3.7.3-1.amzn2.0.2
H Integer Overflow or Wraparound	<0:3.7.3-1.amzn2.0.1
H CVE-2019-9636	<0:3.7.3-1.amzn2.0.1
M NULL Pointer Dereference	<0:3.7.2-4.amzn2.0.1
M Missing Initialization of Resource	<0:3.7.1-9.amzn2.0.1

Vulnerability

Vulnerable Version

Improper Handling of Length Parameter Inconsistency

<0:3.7.16-1.amzn2.0.20